commons-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Jacques Le Roux <jacques.le.r...@les7arts.com>
Subject Re: Security mailing list
Date Sun, 17 Dec 2017 12:21:23 GMT
+1

Jacques


Le 17/12/2017 à 12:22, Romain Manni-Bucau a écrit :
> +1
>
> Le 17 déc. 2017 12:14, "Mark Thomas" <markt@apache.org> a écrit :
>
>> On 15/12/2017 11:13, Jochen Wiedmann wrote:
>>> Hi,
>>>
>>> over the last months we have definitely seen our share of security
>>> related issues. However, I also noticed that we had a tendency to
>>> loose these threads in the overall noise, resulting in mails like "Did
>>> anyone reply to the reporter?"
>>>
>>> No, according to Linus Torvalds, that is perfectly fine, because a
>>> security issue is "just another bug". However, I am not Linus, and
>>> would like to see these things in a better state.
>>>
>>> As a consequence, I'd like to question how others are handling this.
>>> Could we have a mailing list, like security@commons.apache.org,
>>> preferrably with subscription limited to private@ members, and
>>> security@apache.org subscribed automatically. (In theory, we could
>>> subscribe selected committers, too.)
>> +1
>>
>> Works for me.
>>
>> Mark
>>
>>> At the very least, this would allow us to create a filter for security
>>> related messages, thereby concentrate our attention.
>>>
>>> Jochen
>>>
>>>
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: dev-unsubscribe@commons.apache.org
>> For additional commands, e-mail: dev-help@commons.apache.org
>>
>>


---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@commons.apache.org
For additional commands, e-mail: dev-help@commons.apache.org


Mime
View raw message