You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@cloudstack.apache.org by Wilder Rodrigues <WR...@schubergphilis.com> on 2015/06/10 10:22:39 UTC
Access to ACS security issues
Hi all,
Our colleague Glenn reate some security issues under the ACS Jira with private visibility. I would like to have a look at those issues, but unfortunately I do not have access even to browse those.
How could we get that solved? Is that possible to give me access?
Thanks in advance.
Cheers,
Wilder
Re: Access to ACS security issues
Posted by Daan Hoogland <da...@gmail.com>.
The mail list is called security@....!
On Wed, Jun 10, 2015 at 10:54 AM, Daan Hoogland
<DH...@schubergphilis.com> wrote:
> Wilder,
>
> We can add you to the security group? Subscribe at least to
> sec@cloudstack.apache.org I¹ll see if I can give you rights to the jira
> group.
>
> On 10/06/15 10:22, "Wilder Rodrigues" <WR...@schubergphilis.com>
> wrote:
>
>>Hi all,
>>
>>Our colleague Glenn reate some security issues under the ACS Jira with
>>private visibility. I would like to have a look at those issues, but
>>unfortunately I do not have access even to browse those.
>>
>>How could we get that solved? Is that possible to give me access?
>>
>>Thanks in advance.
>>
>>Cheers,
>>Wilder
>
--
Daan
Re: Access to ACS security issues
Posted by Daan Hoogland <DH...@schubergphilis.com>.
Wilder,
We can add you to the security group? Subscribe at least to
sec@cloudstack.apache.org I¹ll see if I can give you rights to the jira
group.
On 10/06/15 10:22, "Wilder Rodrigues" <WR...@schubergphilis.com>
wrote:
>Hi all,
>
>Our colleague Glenn reate some security issues under the ACS Jira with
>private visibility. I would like to have a look at those issues, but
>unfortunately I do not have access even to browse those.
>
>How could we get that solved? Is that possible to give me access?
>
>Thanks in advance.
>
>Cheers,
>Wilder
Re: Access to ACS security issues
Posted by John Kinsella <jl...@stratosec.co>.
Wilder - sorry, I don’t see in my inbox/spam folder. :( Could ya forward to me directly?
URLs or bug numbers would be handy, just so we know we’re looking at same thing...
John
> On Jun 10, 2015, at 1:09 PM, Wilder Rodrigues <WR...@schubergphilis.com> wrote:
>
> Hi John,
>
> I sent the not to the security list, haven’t got an reply yet.
>
> Do you need to know which issues did Glenn create? Please, let me know and we will provide you the URLs.
>
> Thanks in advance.
>
> Cheers,
> Wilder
>
>> On 10 Jun 2015, at 19:00, John Kinsella <jl...@stratosec.co> wrote:
>>
>> +1. We can run queries for security issues, but that requires a more proactive stance than (at least some of us) honestly have. Send a note to the list mentioned…we don’t bite. :)
>>
>> John
>>
>>> On Jun 10, 2015, at 5:20 AM, David Nalley <da...@gnsa.us> wrote:
>>>
>>> Any chance we can get Glenn to follow our security vulnerability
>>> reporting procedure?
>>> https://cloudstack.apache.org/security.html
>>>
>>> The issue with creating 'private Jiras' is that no one gets notified.
>>> Indeed, this email is the first notice that any of us have about these
>>> issues.
>>>
>>> --David
>>>
>>> On Wed, Jun 10, 2015 at 4:22 AM, Wilder Rodrigues
>>> <WR...@schubergphilis.com> wrote:
>>>> Hi all,
>>>>
>>>> Our colleague Glenn reate some security issues under the ACS Jira with private visibility. I would like to have a look at those issues, but unfortunately I do not have access even to browse those.
>>>>
>>>> How could we get that solved? Is that possible to give me access?
>>>>
>>>> Thanks in advance.
>>>>
>>>> Cheers,
>>>> Wilder
>>
>
Re: Access to ACS security issues
Posted by Wilder Rodrigues <WR...@schubergphilis.com>.
Hi John,
I sent the not to the security list, haven’t got an reply yet.
Do you need to know which issues did Glenn create? Please, let me know and we will provide you the URLs.
Thanks in advance.
Cheers,
Wilder
> On 10 Jun 2015, at 19:00, John Kinsella <jl...@stratosec.co> wrote:
>
> +1. We can run queries for security issues, but that requires a more proactive stance than (at least some of us) honestly have. Send a note to the list mentioned…we don’t bite. :)
>
> John
>
>> On Jun 10, 2015, at 5:20 AM, David Nalley <da...@gnsa.us> wrote:
>>
>> Any chance we can get Glenn to follow our security vulnerability
>> reporting procedure?
>> https://cloudstack.apache.org/security.html
>>
>> The issue with creating 'private Jiras' is that no one gets notified.
>> Indeed, this email is the first notice that any of us have about these
>> issues.
>>
>> --David
>>
>> On Wed, Jun 10, 2015 at 4:22 AM, Wilder Rodrigues
>> <WR...@schubergphilis.com> wrote:
>>> Hi all,
>>>
>>> Our colleague Glenn reate some security issues under the ACS Jira with private visibility. I would like to have a look at those issues, but unfortunately I do not have access even to browse those.
>>>
>>> How could we get that solved? Is that possible to give me access?
>>>
>>> Thanks in advance.
>>>
>>> Cheers,
>>> Wilder
>
Re: Access to ACS security issues
Posted by John Kinsella <jl...@stratosec.co>.
+1. We can run queries for security issues, but that requires a more proactive stance than (at least some of us) honestly have. Send a note to the list mentioned…we don’t bite. :)
John
> On Jun 10, 2015, at 5:20 AM, David Nalley <da...@gnsa.us> wrote:
>
> Any chance we can get Glenn to follow our security vulnerability
> reporting procedure?
> https://cloudstack.apache.org/security.html
>
> The issue with creating 'private Jiras' is that no one gets notified.
> Indeed, this email is the first notice that any of us have about these
> issues.
>
> --David
>
> On Wed, Jun 10, 2015 at 4:22 AM, Wilder Rodrigues
> <WR...@schubergphilis.com> wrote:
>> Hi all,
>>
>> Our colleague Glenn reate some security issues under the ACS Jira with private visibility. I would like to have a look at those issues, but unfortunately I do not have access even to browse those.
>>
>> How could we get that solved? Is that possible to give me access?
>>
>> Thanks in advance.
>>
>> Cheers,
>> Wilder
Re: Access to ACS security issues
Posted by David Nalley <da...@gnsa.us>.
Any chance we can get Glenn to follow our security vulnerability
reporting procedure?
https://cloudstack.apache.org/security.html
The issue with creating 'private Jiras' is that no one gets notified.
Indeed, this email is the first notice that any of us have about these
issues.
--David
On Wed, Jun 10, 2015 at 4:22 AM, Wilder Rodrigues
<WR...@schubergphilis.com> wrote:
> Hi all,
>
> Our colleague Glenn reate some security issues under the ACS Jira with private visibility. I would like to have a look at those issues, but unfortunately I do not have access even to browse those.
>
> How could we get that solved? Is that possible to give me access?
>
> Thanks in advance.
>
> Cheers,
> Wilder