[announce] New Horde Vendor coordination list
Chuck Hagenbuch
chuck at horde.org
Wed Feb 6 16:31:30 UTC 2008
Horde community-
We have created a new mailing list for coordinating security releases
with vendors who distribute packaged versions of Horde, with the goal
of making coordinated release of fixes easier for all involved, and
thus more timely and safer for users.
For perhaps obvious reasons - the confidentiality of security reports
- this is a private list with moderated subscription. If you are
involved in packaging Horde for a distribution, please ask to
subscribe at http://lists.horde.org/mailman/listinfo/vendor. If you
are not already familiar with the Horde core development team, you
should also send a note to core at horde.org letting us know how we can
verify your involvement in packaging. Again, this is not to create an
arbitrary barrier to entry and information, but to ensure that we can
respect security researchers' wishes in keeping reports confidential
until a coordinated release of any issues and the associated fixes is
made.
For more information on Horde's security procedures, please see
http://wiki.horde.org/SecurityManagement
Thanks,
-chuck
More information about the announce
mailing list