tomcat-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Yoav Shapira" <yo...@apache.org>
Subject Re: Proposed new security pages
Date Tue, 20 Feb 2007 23:06:44 GMT
Hi,

On 2/20/07, Filip Hanik - Dev Lists <devlists@hanik.com> wrote:
> sounds good, as long as we don't publish vulnerabilities until they are
> indeed fix and the release has been voted stable

Agreed except the "stable" part.  When the vulnerabilities have been
fixed in any release, including alpha / beta, they can be made public.
 If the security issue is urgent there's likely to be a release with
nothing (or very little) except the security fix anyways.  Those who
need to upgrade urgently can do so.

Yoav

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org


Mime
View raw message