+1 Jacopo
On Sun, Jul 24, 2016 at 2:32 PM, Jacopo Cappellato < jacopo.cappell...@hotwaxsystems.com> wrote: > Rationale: every ASF project needs a private list to discuss product > vulnerabilities; for OFBiz the "private" list has been used for this > purpose until now; however an ad-hoc list may be useful because it could > provide a more focused space to discuss the security issues and could > provide more flexibility to invite in the private list persons willing to > help that are trusted by the PMC. > > Please vote, > > +1 > > to create a "security" list (i.e. secur...@ofbiz.apache.org) and move all > the security related discussions and notifications currently happening on > the private list to this new list: according to the ASF policies [*] the > list will be a private list used by the persons willing to help to resolve > security issues; the list of subscribers will be approved by the OFBiz PMC. > > Otherwise vote -1 to continue to use the "private" mailing list for > vulnerability handling. > > [*] http://www.apache.org/security/ >