oss-sec mailing list archives
FAQ for upstream maintainers
From: Jonathan Smith <smithj () freethemallocs com>
Date: Mon, 18 Feb 2008 11:57:27 -0900
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Since my main goal (I understand if your goals differ, but they certainly should not conflict) for this list is to provide a way for upstream to coordinate with the vendors, I'm going to start a FAQ or tutorial or whatever dedicated to what upstream should do when they get a report from a user about a security issue. Basic rough draft: http://oss-security.openwall.org/wiki/whattodo I'm sure it can use some cleanup... Ideas, submissions, etc welcome! Also quite welcome would be someone with wiki-fu prettying up the page :-) smithj -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.8 (GNU/Linux) iEYEARECAAYFAke58TcACgkQCG91qXPaRem2RACgh5bZX+OJ/luJGcXQRybsn1yS GHEAnj8tglycXD8SS+ta4asn1OdYCuyO =KMsb -----END PGP SIGNATURE-----
Current thread:
- FAQ for upstream maintainers Jonathan Smith (Feb 18)
- Re: FAQ for upstream maintainers Solar Designer (Feb 19)
- Re: FAQ for upstream maintainers Josh Bressers (Feb 20)
- Re: FAQ for upstream maintainers Vincent Danen (Feb 20)
- flaw disclosure (was: FAQ for upstream maintainers) Solar Designer (Feb 24)
- Re: FAQ for upstream maintainers Josh Bressers (Feb 20)
- Re: FAQ for upstream maintainers Solar Designer (Feb 19)