Daniel P. Berrangé <berra...@redhat.com> writes: > The qemu-secur...@nongnu.org list is considered the authoritative > contact for reporting QEMU security issues. Remove the Red Hat > security team address in favour of QEMU's list, to ensure that > upstream gets first contact. There is a representative of the > Red Hat security team as a member of qemu-secur...@nongnu.org > whom requests CVE assignments on behalf of QEMU when needed. > > Signed-off-by: Daniel P. Berrangé <berra...@redhat.com>
Reviewed-by: Alex Bennée <alex.ben...@linaro.org> -- Alex Bennée Virtualisation Tech Lead @ Linaro
