[board] Fwd: [core] Coordination with Debian for security problems ?
Jan Schneider
jan at horde.org
Tue Feb 5 22:09:34 UTC 2008
I would prefer a separate vendor@ mailing list for that. It should be
private, which board@ isn't.
Zitat von Chuck Hagenbuch <chuck at horde.org>:
> This is something I could see the board list being useful for. Is it
> mixing the purpose of the board too much to include security
> notifications? Should we set up a separate list/system for that?
>
> core@ could be, if there weren't too many people.
>
> ----- Forwarded message from reg at evolix.fr -----
> Date: Sun, 3 Feb 2008 03:43:47 +0100
> From: Gregory Colpart <reg at evolix.fr>
> Subject: [core] Coordination with Debian for security problems ?
> To: core at horde.org
>
> Hello,
>
> I'm member of pkg-horde team (two or three persons who create
> packages for Debian). We take care of security problems and we
> try to publish corrected Debian packages as soon as possible when
> we known new security bug [*]. Do you think possible to contact
> us *privately* when you have private disclosure in order to
> prepare fixed Debian package the day of public disclosure ?
> And more generally, having the best way to known when you find
> security problems (for now, we see them in Changelog of
> (RC-)release...) could be very helpful for us.
>
> [*] Last example is here : http://www.debian.org/security/2008/dsa-1470
>
> Regards,
> --
> Gregory Colpart <reg at evolix.fr> GnuPG:1024D/C1027A0E
> Evolix - Informatique et Logiciels Libres http://www.evolix.fr/
>
>
> ----- End forwarded message -----
>
>
> -chuck
> __
> board mailing list
> Frequently Asked Questions: http://horde.org/faq/
> To unsubscribe, mail: board-unsubscribe at lists.horde.org
>
Jan.
--
Do you need professional PHP or Horde consulting?
http://horde.org/consulting/
More information about the board
mailing list