Date: Mon, 18 Feb 2008 11:57:27 -0900 From: Jonathan Smith <smithj@...ethemallocs.com> To: oss-security@...ts.openwall.com Subject: FAQ for upstream maintainers -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Since my main goal (I understand if your goals differ, but they certainly should not conflict) for this list is to provide a way for upstream to coordinate with the vendors, I'm going to start a FAQ or tutorial or whatever dedicated to what upstream should do when they get a report from a user about a security issue. Basic rough draft: http://oss-security.openwall.org/wiki/whattodo I'm sure it can use some cleanup... Ideas, submissions, etc welcome! Also quite welcome would be someone with wiki-fu prettying up the page :-) smithj -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.8 (GNU/Linux) iEYEARECAAYFAke58TcACgkQCG91qXPaRem2RACgh5bZX+OJ/luJGcXQRybsn1yS GHEAnj8tglycXD8SS+ta4asn1OdYCuyO =KMsb -----END PGP SIGNATURE-----
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.