HI. WHAT'S WITH THE YELLING? :) I'm already on security@ and I actively monitor what goes there. About 6 weeks ago a message came through which I missed and nobody else responded to until ASF security reminded us about the post this morning.
While having people who "can/will do something" about issues, usually with appsec you want people who can understand the security aspects, and then engage developers familiar with the code to help with a fix. Those who can fulfill both roles are a plus, but not required. John ps - your email went into my spam folder... On Tue, Sep 24, 2019 at 5:04 AM Paul Angus <pau...@apache.org> wrote: > > HELLO? > > > > Have we enough ‘active’ security representatives? > > > Please respond if you are ALREADY on the security maililing list and are > still willing/able to assist with CloudStack security issues. > > OR > > You AREN'T already on the security mailing list, but would like to assist > with security issues. Please note 'people with opinions' are welcome, but we > very much need 'people who can/will do something about' any issues which are > identified. > > > Kind regards > > > Paul Angus
