From mboxrd@z Thu Jan 1 00:00:00 1970 From: Ian Campbell Subject: [PATCH 3/6] Clarify the scope of the process to just the hypervisor project Date: Thu, 23 Aug 2012 11:37:51 +0100 Message-ID: <1345718274-7900-3-git-send-email-ian.campbell@citrix.com> References: <1345718230.12501.79.camel@zakaz.uk.xensource.com> Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Return-path: In-Reply-To: <1345718230.12501.79.camel@zakaz.uk.xensource.com> List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Sender: xen-devel-bounces@lists.xen.org Errors-To: xen-devel-bounces@lists.xen.org To: xen-devel@lists.xen.org Cc: Ian Jackson , Ian Campbell List-Id: xen-devel@lists.xenproject.org Other projects are handled on a best effort basis by the project lead with the assistance of the security team. See <20448.49637.38489.246434@mariner.uk.xensource.com>, section "9. Vulnerability process scope" --- security_vulnerability_process.html | 3 +++ 1 file changed, 3 insertions(+) diff --git a/security_vulnerability_process.html b/security_vulnerability_process.html index ee42402..ddd88a1 100644 --- a/security_vulnerability_process.html +++ b/security_vulnerability_process.html @@ -77,6 +77,9 @@ if(ns4)_d.write("<\/scr will treat with respect the requests of discoverers, or other vendors, who report problems to us.

Scope of this process

This process primarily covers the Xen Hypervisor Project. Vulnerabilties reported against other Xen.org projects will be handled on a best effort basis by the relevant Project Lead together with the security team.

Specific process

We request that anyone who discovers a vulnerability in xen.org -- 1.7.10.4