oss-sec mailing list archives

Re: membership request to the closed linux-distros security mailing list

From: Stuart Henderson <stu () spacehopper org>
Date: Fri, 20 Mar 2015 15:50:26 +0000

On 2015/03/20 08:16, Anthony Liguori wrote:


I think the alternative is to formalize what already appears to be the
existing practice: disclose distros@ on the existence of a
vulnerability but require direct contact for the details of the
vulnerability if the submitter/upstream thinks the impact is high.


Are private lists even needed if this policy is taken?

Current thread:

membership request to the closed linux-distros security mailing list Sona Sarmadi (Mar 20)
- Re: membership request to the closed linux-distros security mailing list Solar Designer (Mar 20)
  - Re: membership request to the closed linux-distros security mailing list Anthony Liguori (Mar 20)
    - Re: membership request to the closed linux-distros security mailing list Stuart Henderson (Mar 20)
    - Re: membership request to the closed linux-distros security mailing list Anthony Liguori (Mar 20)
    - Re: membership request to the closed linux-distros security mailing list Marcus Meissner (Mar 20)
    - Re: membership request to the closed linux-distros security mailing list Anthony Liguori (Mar 20)
    - Re: membership request to the closed linux-distros security mailing list Daniel Micay (Mar 20)
    - Re: membership request to the closed linux-distros security mailing list Kurt Seifried (Mar 20)
    - Re: membership request to the closed linux-distros security mailing list Florian Weimer (Mar 22)
  - Re: membership request to the closed linux-distros security mailing list John Haxby (Mar 20)
    - Re: membership request to the closed linux-distros security mailing list Alan Coopersmith (Mar 20)
  - Re: membership request to the closed linux-distros security mailing list Florian Weimer (Mar 22)