Concerning the continued use of [email protected], there are two issues
1. It is not clear what the fate of mailing lists @openoffice.org is going to be, and whether they are reliably-operated in the meantime. It would be great to have assistance in preserving the administration of those lists, the @openoffice.org e-mail registration/User-ID structure, etc., but at the moment no capability to doing so has been identified by the Apache OOo project. 2. There is some indication that those who are able to administer that list have not been very ecumenical about it, and some sort of peace treaty is required to achieve the necessary DMZ. That probably applies wherever the shared security forum is established, and it is probably more essential to address that than (1). - Dennis -----Original Message----- From: Jürgen Schmidt [mailto:[email protected]] Sent: Monday, October 10, 2011 07:55 To: [email protected] Subject: Re: Vulnerability fixed in LibreOffice On Mon, Oct 10, 2011 at 3:51 PM, Simon Phipps <[email protected]> wrote: [ ... ] > Back to the actual issue: > > * for (A), AOOo clearly needs a private security list. We all agree. > * for (B), the legacy StarOffice ecosystem clearly needs a shared private > security list. Seems we all agree on that too. > > The former apparently exists. All that's left is to actually agree to a > technical arrangement that works for the latter. There are two proposals on > the table. Given the tendency of some to confuse community collaboration > with Apache project work, I actually think the idea of a list at > freedesktop.org for (B) makes most sense. > let us check first if we can still use the already established list [email protected] <[email protected]> before seeking for a new name. It's at least not clear for me if we can use it or not, i will try to clarify this. freedesktop.org is very Linux centric, isn't it? But the whole word is often talking about OpenOffice independent of what brand they currently use. And most of our users are still on a windows system (if we like it or not ;-)). That means i would prefer to move forward if possible with a shared list [email protected] <[email protected]> that is already known, is related to the product or derivatives and that we can use for collaborative work on any security issues and the communication between projects sharing the same code base or at least part of it. Does it make sense to check first the possibility of using the existing name? Juergen [ ... ]
