Thanks, the GSIP has been revised with "volunteer", "researcher", "National CVE Numbering Authority" and the exchanges separated for clarity. -- Jody Garnett
On Sep 15, 2023 at 11:54:19 AM, Torben Barsballe <torbenbarsba...@gmail.com> wrote: > +1 > > The Feedback section read as a little confusing (probably because the tone > of the document switched from descriptive to conversational). A short blurb > providing some context at the start, or some indication of personas > throughout ( i.e. quoted sections being identified as security researchers, > etc.) would improve legibility. However, since this section is ultimately > just examples and not procedure, this doesn't affect my vote one way or the > other. > > Cheers, > Torben > > On Tue, Sep 12, 2023 at 2:37 PM Jody Garnett <jody.garn...@gmail.com> > wrote: > >> Proposal is here: https://github.com/geoserver/geoserver/wiki/GSIP-220 >> >> Overview is using the GitHub "private vulnerability reporting" to assign >> CVE numbers we control to our known security issues. >> -- >> Jody Garnett >> _______________________________________________ >> Geoserver-devel mailing list >> Geoserver-devel@lists.sourceforge.net >> https://lists.sourceforge.net/lists/listinfo/geoserver-devel >> >
_______________________________________________ Geoserver-devel mailing list Geoserver-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/geoserver-devel
