You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@openoffice.apache.org by Malte Timmermann <ma...@oracle.com> on 2011/07/11 15:00:06 UTC
Re: [securityteam] Re: [DISCUSS] Creation of ooo-security list (was
Re: OpenOffice Security Vulnerability Reporting)
+1 for having ooo-security@incubator.apache.org, because
- old OOo mailing lists will probably die some day
- other people are now participating in Apache OOo, who don't work
on OOo/LO
- (Old) OOo doesn't release security updates anymore, I guess.
I am still on vacation until 06/25. That the reason for answering so
late, and please moderate this for ooo-dev@i.a.o, as my Oracle address
in not subscribed or in my alias list.
For initial members of the new list, we should use the people subscribed
to the closed OOo and LO security lists - where is a very big overlap
anyway. And we should probably add Rob and Andrew.
Malte.
Dennis E. Hamilton wrote, On 08.07.2011 01:35:
> So perhaps the prudent thing to do is create the list and find out we don't need it, rather than not have it and have occasion to regret it.
>
> +1
>
> -----Original Message-----
> From: Mark Thomas [mailto:markt@apache.org]
> Sent: Thursday, July 07, 2011 07:00
> To: Rob Weir
> Cc: securityteam@openoffice.org; ooo-dev@incubator.apache.org; security@apache.org
> Subject: Re: OpenOffice Security Vulnerability Reporting
>
> [ ... ]
>
> Access to ooo-private@incubator.apache.org is too open for security
> issues. ooo-security@incubator.apache.org needs to be set up with access
> limited to a small, trusted set of individuals. The current subscribers
> to securityteam@openoffice.org would be a good place to start.
>
> Mark
>