On Tue, 18 Oct 2016, Alexis Rosen wrote:
I think this is a grave error. Not so much in terms of security
(though it's not great), but in community-building. It's in Quagga's
best interests to expand participation as much as possible. If that
means seeking out forks/distros and opening communications with them,
then that's worth doing, especially so with security patches.
I'm not sure how inviting people to subscribe to a project security list
is mutually exclusive with communicating with other projects. And... the
other projects _were_ notified.
Also, how do you propose a project identifies those who may be
interested in security information, without inviting those who may be
interested to get in touch?
Start with those, you might get more code flowing up/downstream in
You may wish to check commit stats.
Paul Jakma | p...@jakma.org | @pjakma | Key ID: 0xD86BF79464A2FF6A
Any sufficiently advanced technology is indistinguishable from a rigged demo.
- Andy Finkel, computer guy
Quagga-users mailing list