Agree with George
On 19 Jan 2015, at 15:55, George Dunlap wrote:
> On Mon, Jan 19, 2015 at 1:38 PM, Ian Jackson
> wrote:
>> Lars Kurth writes ("Re: [Xen-devel] [PATCH SECURITY-POLICY 3/9] Deployment
>> with Security Team Permission"):
>>> On 19 Jan 2015,
On Mon, Jan 19, 2015 at 1:38 PM, Ian Jackson
wrote:
> Lars Kurth writes ("Re: [Xen-devel] [PATCH SECURITY-POLICY 3/9] Deployment
> with Security Team Permission"):
>> On 19 Jan 2015, at 10:20, Jan Beulich wrote:
>> > On 16.01.15 at 20:52, wrote:
>> >&
On Mon, 2015-01-19 at 13:38 +, Ian Jackson wrote:
> Lars Kurth writes ("Re: [Xen-devel] [PATCH SECURITY-POLICY 3/9] Deployment
> with Security Team Permission"):
> > On 19 Jan 2015, at 10:20, Jan Beulich wrote:
> > > On 16.01.15 at 20:52, wrote:
> >
>>> On 19.01.15 at 13:36, wrote:
> On Mon, 2015-01-19 at 10:20 +, Jan Beulich wrote:
>> >>> On 16.01.15 at 20:52, wrote:
>> > --- a/security_vulnerability_process.html
>> > +++ b/security_vulnerability_process.html
>> > @@ -212,6 +212,17 @@ following:
>> >The assigned XSA number
>> >T
Lars Kurth writes ("Re: [Xen-devel] [PATCH SECURITY-POLICY 3/9] Deployment with
Security Team Permission"):
> On 19 Jan 2015, at 10:20, Jan Beulich wrote:
> > On 16.01.15 at 20:52, wrote:
> >> +List members may, if (and only if) the Security Team grants
> >&g
On Mon, 2015-01-19 at 13:08 +, Ian Jackson wrote:
> Ian Campbell writes ("Re: [Xen-devel] [PATCH SECURITY-POLICY 3/9] Deployment
> with Security Team Permission"):
> > On Fri, 2015-01-16 at 19:52 +, Ian Jackson wrote:
> > > +List members may, if (and on
Ian Campbell writes ("Re: [Xen-devel] [PATCH SECURITY-POLICY 3/9] Deployment
with Security Team Permission"):
> On Fri, 2015-01-16 at 19:52 +, Ian Jackson wrote:
> > +List members may, if (and only if) the Security Team grants
> > +permission, deploy fixed ve
On Mon, 2015-01-19 at 10:20 +, Jan Beulich wrote:
> >>> On 16.01.15 at 20:52, wrote:
> > --- a/security_vulnerability_process.html
> > +++ b/security_vulnerability_process.html
> > @@ -212,6 +212,17 @@ following:
> >The assigned XSA number
> >The planned disclosure date
> >
> > +List
On Fri, 2015-01-16 at 19:52 +, Ian Jackson wrote:
> Permitting deployment during embargo seemed to have rough consensus on
> the principle. We seemed to be converging on the idea that the
> Security Team should explicitly set deployment restrictions for each
> set of patches.
>
> Signed-off-b
On 19 Jan 2015, at 10:20, Jan Beulich wrote:
On 16.01.15 at 20:52, wrote:
>> +List members may, if (and only if) the Security Team grants
>> +permission, deploy fixed versions during the embargo. Permission for
>
>
Better: List members may deploy fixed versions during the embargo, if (.
>>> On 16.01.15 at 20:52, wrote:
> --- a/security_vulnerability_process.html
> +++ b/security_vulnerability_process.html
> @@ -212,6 +212,17 @@ following:
>The assigned XSA number
>The planned disclosure date
>
> +List members may, if (and only if) the Security Team grants
> +permission,
Permitting deployment during embargo seemed to have rough consensus on
the principle. We seemed to be converging on the idea that the
Security Team should explicitly set deployment restrictions for each
set of patches.
Signed-off-by: Ian Jackson
Signed-off-by: Ian Jackson
---
security_vulnerab
12 matches
Mail list logo
