Dave Fisher wrote: > > I may remind you that, at the point > > of responsible disclosure to securityteam@ooo, the > > ooo-security@apache list was still in the process of being > > setup/populated, and there was an ongoing policy discussion here. > > When that discussion was settled it seems someone on the TDF side > should have taken some initiative to inform AOOo at our list. To > not have that happen was not in any spirit of cooperation. > Sure. Or print it, and have it sent as a registered letter, to *really* make sure it reaches destination.
Committers and PPMC members were aware of the issue, and apparently didn't share the information. 'nuff said, end of story for me. Cheers, -- Thorsten
pgpzkCkeJTvCg.pgp
Description: PGP signature
