Date: Tue, 24 Aug 2021 15:46:28 -0700 From: Alan Coopersmith <alan.coopersmith@...cle.com> To: oss-security@...ts.openwall.com Subject: Oracle Solaris membership in the distros list I've read through https://oss-security.openwall.org/wiki/mailing-lists/distros but am not sure how best to proceed. While "Oracle" is currently a member of the linux-distros list, the contacts present there currently only represent Oracle Linux. As they joined at a time when Oracle Solaris was not eligible (before the membership criteria was changed from "open source distro" to "distro with substantial use of Open Source components"), they have been keeping the information they receive from the list strictly compartmentalized from us in the Solaris organization, as per list rules. We could perhaps just expand the existing "Oracle" membership to include Solaris, but I'm not sure if it's appropriate for Solaris to be a part of linux-distros, instead of the distros list. While we don't ship the Linux kernel, we do ship some appropriately licensed code from it, mostly dual-licensed drivers, and certainly have overlapping concerns in areas such as providing OS-level mitigations for CPU speculative execution issues, but the same is true for the BSDs on the distros list as well. The members I would propose adding from the Solaris team are: Alan Coopersmith <Alan.Coopersmith@...cle.COM> Casper Dik <Casper.Dik@...cle.COM> Pavel Heimlich <Pavel.Heimlich@...cle.COM> and existing members of the distros list from the Oracle Linux team have agreed to vouch for us. (Non-Oracle members of the distros list may also know me from my years on the X.Org Foundation security response team and may know Casper from his many years of broader community participation, and we've both been participating in oss-security for quite a while.) So should we just expand the existing Oracle membership to cover both teams or do we need to apply separately as the Oracle Solaris team? If we need to apply separately, how is the "giving back" criteria handled for orgs who are only on distros and not linux-distros, and thus can't perform most of the tasks given? (I don't see the BSD's listed for any of the tasks there.) -- -Alan Coopersmith- alan.coopersmith@...cle.com Oracle Solaris Engineering - https://blogs.oracle.com/alanc
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.