[Xen-devel] Possible improvement to Xen Security Response Process

2016-12-05 Thread Matthew Allen
According to https://xenbits.xen.org/xsa/ we are in the middle of 4 consecutive Tuesdays of security announcements: XSA-19[1-8] on Nov. 22, XSA-201 Nov. 29, XSA-199 Dec. 6 and XSA-200 Dec. 13. The present security policy does not encourage batching of XSAs and I would like us to consider refining

Re: [Xen-devel] Possible improvement to Xen Security Response Process

2016-12-06 Thread Matthew Allen
On Mon, 2016-12-05 at 11:24 -0800, Stefano Stabellini wrote:
> On Mon, 5 Dec 2016, Jan Beulich wrote:
> > >>> On 05.12.16 at 15:17, wrote:
...
> > > Obviously, some issues are discussed in public before the security
> > > impact is realised (such as XSA-201); equally, the right to set
> > > a di

Re: [Xen-devel] Possible improvement to Xen Security Response Process

2016-12-12 Thread Matthew Allen
On Wed, 2016-12-07 at 16:23 +, Ian Jackson wrote:
> ...
> I have an alternative concrete suggestion:
>
> Unless there are good reasons to diverge, our suggestions to
> discoverer(s) will be based on the following criteria, in order of
> precedence:
> 1. Avoiding disclosure on Fridays, week