From mboxrd@z Thu Jan  1 00:00:00 1970
From: Lars Kurth <lars.kurth@xen.org>
Subject: Re: Security vulnerability process,
 and CVE-2012-0217 [vote?]
Date: Mon, 24 Sep 2012 12:25:55 +0100
Message-ID: <50604343.1090506@xen.org>
References: <20448.49637.38489.246434@mariner.uk.xensource.com>
	<1345718230.12501.79.camel@zakaz.uk.xensource.com>
Reply-To: lars.kurth@xen.org
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"; Format="flowed"
Content-Transfer-Encoding: 7bit
Return-path: <xen-devel-bounces@lists.xen.org>
In-Reply-To: <1345718230.12501.79.camel@zakaz.uk.xensource.com>
List-Unsubscribe: <http://lists.xen.org/cgi-bin/mailman/options/xen-devel>,
	<mailto:xen-devel-request@lists.xen.org?subject=unsubscribe>
List-Post: <mailto:xen-devel@lists.xen.org>
List-Help: <mailto:xen-devel-request@lists.xen.org?subject=help>
List-Subscribe: <http://lists.xen.org/cgi-bin/mailman/listinfo/xen-devel>,
	<mailto:xen-devel-request@lists.xen.org?subject=subscribe>
Sender: xen-devel-bounces@lists.xen.org
Errors-To: xen-devel-bounces@lists.xen.org
To: xen-devel@lists.xen.org
List-Id: xen-devel@lists.xenproject.org

Hi,

Does anybody have any objections to Ian's changes in this patch series? 
None of these appear significant changes. In line with the decision 
making process, I would be happy to apply. But, I am also happy to run 
this through a vote.

The patch series was
[PATCH 1/6] Clarify what info predisclosure list members may share 
during an embargo
[PATCH 2/6] Clarifications to predisclosure list subscription instructions
[PATCH 3/6] Clarify the scope of the process to just the hypervisor project
[PATCH 4/6] Discuss post-embargo disclosure of potentially controversial 
private decisions
[PATCH 5/6] Patch review, expert advice and targetted fixes
[PATCH 6/6] Declare version 1.3 ... that would have changed to 1.4 as we 
added CentOS to the pre-disclosure list in 1.3

Best Regards
Lars

On 23/08/2012 11:37, Ian Campbell wrote:
> On Tue, 2012-06-19 at 19:16 +0100, Ian Jackson wrote:
> [...]
>> More minor policy questions
>> ---------------------------
> [...]
>> Lacunae in the process
>> ----------------------
> I've prepared a series of patches to the policy[0] which implement most
> (but not all) of what was suggested in these two sections. I think they
> are largely uncontroversial, but please do holler if you disagree or
> want to suggest further improvements..
>
> I'm not at all sure that patches are the best way to present this but there
> we are.
>
> Ian.
>
> [0] http://www.xen.org/projects/security_vulnerability_process.html
>
>
>
>
>
>
>
> _______________________________________________
> Xen-devel mailing list
> Xen-devel@lists.xen.org
> http://lists.xen.org/xen-devel