From mboxrd@z Thu Jan  1 00:00:00 1970
From: Ian Campbell <Ian.Campbell@citrix.com>
Subject: Re: Security vulnerability process, and CVE-2012-0217
Date: Mon, 2 Jul 2012 14:59:44 +0100
Message-ID: <1341237584.4625.95.camel@zakaz.uk.xensource.com>
References: <20448.49637.38489.246434@mariner.uk.xensource.com>
	<20120623194214.GF2640@US-SEA-R8XVZTX>
	<CAFLBxZYRFTTHxsF4KbAvDx6e-rrwjaPsFsjf4KTuvQtayW3E2A@mail.gmail.com>
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Return-path: <xen-devel-bounces@lists.xen.org>
In-Reply-To: <CAFLBxZYRFTTHxsF4KbAvDx6e-rrwjaPsFsjf4KTuvQtayW3E2A@mail.gmail.com>
List-Unsubscribe: <http://lists.xen.org/cgi-bin/mailman/options/xen-devel>,
	<mailto:xen-devel-request@lists.xen.org?subject=unsubscribe>
List-Post: <mailto:xen-devel@lists.xen.org>
List-Help: <mailto:xen-devel-request@lists.xen.org?subject=help>
List-Subscribe: <http://lists.xen.org/cgi-bin/mailman/listinfo/xen-devel>,
	<mailto:xen-devel-request@lists.xen.org?subject=subscribe>
Sender: xen-devel-bounces@lists.xen.org
Errors-To: xen-devel-bounces@lists.xen.org
To: George Dunlap <George.Dunlap@eu.citrix.com>
Cc: Ian Jackson <Ian.Jackson@eu.citrix.com>, Matt Wilson <msw@amazon.com>, "xen-devel@lists.xen.org" <xen-devel@lists.xen.org>
List-Id: xen-devel@lists.xenproject.org

On Thu, 2012-06-28 at 18:45 +0100, George Dunlap wrote:
[...]
> And I'm going to suggest something else which I think is true, and
> relevant to the discussion:
> 3. A large majority of deployed Xen instances are run by people not on
> the pre-disclosure list.

I agree. Although there may be a vendors with massive Xen deployments my
instinct is that they will be dwarfed by the sum of all the small
individual deployments.

> (I think we should pretty much assume that unless explicitly stated,
> all opinions are the opinions of the individuals, not the
> organizations they work for.)

Agreed (on my own behalf ;-)).

Ian.