From mboxrd@z Thu Jan 1 00:00:00 1970
From: Ian Campbell
Subject: [PATCH 3/6] Clarify the scope of the process to just
the hypervisor project
Date: Thu, 23 Aug 2012 11:37:51 +0100
Message-ID: <1345718274-7900-3-git-send-email-ian.campbell@citrix.com>
References: <1345718230.12501.79.camel@zakaz.uk.xensource.com>
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Return-path:
In-Reply-To: <1345718230.12501.79.camel@zakaz.uk.xensource.com>
List-Unsubscribe: ,
List-Post:
List-Help:
List-Subscribe: ,
Sender: xen-devel-bounces@lists.xen.org
Errors-To: xen-devel-bounces@lists.xen.org
To: xen-devel@lists.xen.org
Cc: Ian Jackson , Ian Campbell
List-Id: xen-devel@lists.xenproject.org
Other projects are handled on a best effort basis by the project lead
with the assistance of the security team.
See <20448.49637.38489.246434@mariner.uk.xensource.com>, section
"9. Vulnerability process scope"
---
security_vulnerability_process.html | 3 +++
1 file changed, 3 insertions(+)
diff --git a/security_vulnerability_process.html b/security_vulnerability_process.html
index ee42402..ddd88a1 100644
--- a/security_vulnerability_process.html
+++ b/security_vulnerability_process.html
@@ -77,6 +77,9 @@ if(ns4)_d.write("<\/scr
will treat with respect the requests of discoverers, or other vendors, who
report problems to us.
+ Scope of this process
+ This process primarily covers the Xen Hypervisor Project. Vulnerabilties reported against other Xen.org projects will be handled on a best effort basis by the relevant Project Lead together with the security team.
+
Specific process
We request that anyone who discovers a vulnerability in xen.org
--
1.7.10.4