I'm assuming that, out of the mutual concerns we all share for the community of ODF supporters, that it might be appropriate to suggest to a reporter that they take their report to a different security@ address that might be more appropriate for immediate attention and action.
- Dennis -----Original Message----- From: Rob Weir [mailto:[email protected]] Sent: Monday, August 01, 2011 16:58 To: [email protected] Subject: Re: Population of ooo-security On Mon, Aug 1, 2011 at 7:40 PM, Simon Phipps <[email protected]> wrote: [ ... ] > I don't think I understand how your response, which refers to the > functioning of a future list once AOOo has an operational development > process, applies to my comment, which refers to the situation now when any > incoming security issue would probably be triaged by fixing & recommending > use of LibreOffice. > The existence and staffing of ooo-security is part of AOOo development. It is not something outside of a development process. Not every report we receive necessarily results in the production of an urgent patch. But if such a situation occurred, then we'd discuss on ooo-security and develop a recommendation. But regardless of the disposition of the report, I think it is important to respect the privacy of the reporter. > S. >
