Date: Sat, 13 Feb 2016 13:22:09 +0100 From: Florian Weimer <fw@...eb.enyo.de> To: oss-security@...ts.openwall.com Subject: Re: Thoughts about security of Linux distributor collaboration platforms, bugtrackers for opensource software * halfdog: > Data communicated in the final 2 weeks is secured but I am worried > about the 6 month centralized, structured and unencrypted > communication before that, which might be not so hard to tap into. We generally avoid sitting on vulnerabilities for extended periods. I doubt many open-source communities would turn away contributors based on their employment or nationality. I would find that extremely discriminatory. If people are willing to help, you welcome them, and eventually, this can lead to sharing sensitive security information with them.
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Powered by Openwall GNU/*/Linux - Powered by OpenVZ