Date: Wed, 2 Aug 2017 14:01:17 +0200 From: Solar Designer <solar@...nwall.com> To: oss-security@...ts.openwall.com Cc: security@...e.de Subject: Re: CoreOS membership to linux-distros (updated) On Wed, Aug 02, 2017 at 12:11:20PM +0200, Johannes Segitz wrote: > On Tue, Aug 01, 2017 at 10:54:14PM +0200, Solar Designer wrote: > > I keep the wiki page up to date: > > > > http://oss-security.openwall.org/wiki/mailing-lists/distros#contributing-back > > SUSE has been active in the past in various activities listed in the > document and will continue to do so. Officially we would like to commit to > task 5 and 10. Thank you. This results in: 5. Determine if the reported issues are Linux-specific, and if so help ensure that (further) private discussion goes on the linux-distros sub-list only (thus, not spamming and unnecessarily disclosing to the non-Linux distros) - primary: SUSE, backup: vacant 10. Monitor relevant public channels (mailing lists, code repositories, etc.) and inform the reporter and the list in case an issue is made public prematurely (that is, leaks or is independently rediscovered) - primary: Amazon, backup: SUSE This leaves without an assigned distro only 1 of 13 administrative tasks requiring (linux-)distros list membership to handle: 4. Evaluate relevance to other parties such as the upstream, other affected distros (not present on the (sub-)list), and other Open Source projects, see if the report mentions notifying any of these, communicate your findings and possible concerns to the reporter and the list, and stay on top of the resulting discussion until a decision is made on who else to possibly notify (or not) and any such notifications are in fact made (with the reporter's approval) This is counterpart to task "5. Determine if the reported issues are Linux-specific ..." above. Handling of this task "4. Evaluate relevance to other parties ..." includes bringing discussions from linux-distros to the full distros list when relevant to the *BSD's (and/or to whatever other non-Linux distros are on that list at the time, if any join by then), and a lot more. Also still fully vacant are 3 out of 6 technical tasks. Alexander
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Powered by Openwall GNU/*/Linux - Powered by OpenVZ