Saturday, January 21, 2017, 3:41:53 PM, Jacopo Cappellato wrote: > On Sat, Jan 21, 2017 at 2:56 PM, Jacques Le Roux < > [email protected]> wrote: > >> >> For QU30 we can easily ask infra to create a security ML. >> For the wiki page at least a link to http://www.apache.org/security >> /#vulnerability-handling would help. >> > > We could, but we can also postpone this decision, even after graduation: in > fact it is not mandatory at all to have all questions resolved positively.
Though it's still a good point that we should say something to the users... Right now, the best they can do is figuring out who the key personal are, and write to them privately. > Jacopo -- Thanks, Daniel Dekany
