You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@cloudstack.apache.org by Andrija Panic <an...@gmail.com> on 2020/01/13 23:45:03 UTC
Re: Your security@ needs YOU!
Hi John,
is there a way to see who is on the security@ mailing list? At least to the
PCM members?
We need this list resurrected due to obvious reasons.
Thanks,
Andrija
On Tue, 24 Sep 2019 at 18:49, John Kinsella <jl...@gmail.com> wrote:
> HI. WHAT'S WITH THE YELLING? :)
>
> I'm already on security@ and I actively monitor what goes there. About
> 6 weeks ago a message came through which I missed and nobody else
> responded to until ASF security reminded us about the post this
> morning.
>
> While having people who "can/will do something" about issues, usually
> with appsec you want people who can understand the security aspects,
> and then engage developers familiar with the code to help with a fix.
> Those who can fulfill both roles are a plus, but not required.
>
> John
> ps - your email went into my spam folder...
>
> On Tue, Sep 24, 2019 at 5:04 AM Paul Angus <pa...@apache.org> wrote:
> >
> > HELLO?
> >
> >
> >
> > Have we enough ‘active’ security representatives?
> >
> >
> > Please respond if you are ALREADY on the security maililing list and are
> still willing/able to assist with CloudStack security issues.
> >
> > OR
> >
> > You AREN'T already on the security mailing list, but would like to
> assist with security issues. Please note 'people with opinions' are
> welcome, but we very much need 'people who can/will do something about' any
> issues which are identified.
> >
> >
> > Kind regards
> >
> >
> > Paul Angus
>
--
Andrija Panić
Re: Your security@ needs YOU!
Posted by Sven Vogel <sv...@apache.org>.
Ping ... I am here :)
Cheers,
Sven Vogel
Apache CloudStack PMC
On Tuesday, 01/14/2020 at 00:45 Andrija Panic wrote:
Hi John,
is there a way to see who is on the security@ mailing list? At
least to the PCM members?
We need this list resurrected due to obvious reasons.
Thanks,
Andrija
On Tue, 24 Sep 2019 at 18:49, John Kinsella wrote:
HI. WHAT'S WITH THE YELLING? :)
I'm already on security@ and I actively monitor what goes there. About
6 weeks ago a message came through which I missed and nobody else
responded to until ASF security reminded us about the post this
morning.
While having people who "can/will do something" about issues, usually
with appsec you want people who can understand the security aspects,
and then engage developers familiar with the code to help with a fix.
Those who can fulfill both roles are a plus, but not required.
John
ps - your email went into my spam folder...
On Tue, Sep 24, 2019 at 5:04 AM Paul Angus wrote:
>
> HELLO?
>
>
>
> Have we enough ‘active’ security representatives?
>
>
> Please respond if you are ALREADY on the security maililing list and
are still willing/able to assist with CloudStack security issues.
>
> OR
>
> You AREN'T already on the security mailing list, but would like to
assist with security issues. Please note 'people with opinions' are
welcome, but we very much need 'people who can/will do something
about' any issues which are identified.
>
>
> Kind regards
>
>
> Paul Angus
--
Andrija Panić