+1
Jacopo
On Sun, Jul 24, 2016 at 2:32 PM, Jacopo Cappellato <
jacopo.cappell...@hotwaxsystems.com> wrote:
> Rationale: every ASF project needs a private list to discuss product
> vulnerabilities; for OFBiz the "private" list has been used for this
> purpose until now; however an ad-hoc list may
+1
Thanks & Regards
---
Arun Patidar
Manager, Enterprise Software Development
HotWax Systems
www.hotwaxsystems.com
On Sunday 24 July 2016 06:02 PM, Jacopo Cappellato wrote:
Rationale: every ASF project needs a private list to discuss product
vulnerabilities; for OFBiz the "private" list has be
+1
Thanks & Regards
On Tue, Jul 26, 2016 at 5:53 AM, Scott Gray
wrote:
> Thanks for confirming Jacopo, +1 from me
>
> On 26/07/2016 00:32, "Jacopo Cappellato" <
> jacopo.cappell...@hotwaxsystems.com> wrote:
>
> > Correct!
> > A project can ask for the creation of the security list and the PMC may
Thanks for confirming Jacopo, +1 from me
On 26/07/2016 00:32, "Jacopo Cappellato" <
jacopo.cappell...@hotwaxsystems.com> wrote:
> Correct!
> A project can ask for the creation of the security list and the PMC may
> invite non-PMC members.
>
> Jacopo
>
> On Mon, Jul 25, 2016 at 12:06 PM, Scott Gra
+1
-David
> On 24 Jul 2016, at 05:32, Jacopo Cappellato
> wrote:
>
> Rationale: every ASF project needs a private list to discuss product
> vulnerabilities; for OFBiz the "private" list has been used for this
> purpose until now; however an ad-hoc list may be useful because it could
> provid
Correct!
A project can ask for the creation of the security list and the PMC may
invite non-PMC members.
Jacopo
On Mon, Jul 25, 2016 at 12:06 PM, Scott Gray
wrote:
> Ok I had a read of http://www.apache.org/security/committers.html and I
> see
> how it works. Looks like PMC is the default alte
Ok I had a read of http://www.apache.org/security/committers.html and I see
how it works. Looks like PMC is the default alternative "security team"
when a security list doesn't exist.
On 25 July 2016 at 21:31, gregory draperi wrote:
> On my side I voted +1 as I thing it would be easier for me t
On my side I voted +1 as I thing it would be easier for me to follow
security topics with a dedicated list.
Furthermore, I don't need to be added to the private list as I don't
need/want to be part of strategy or main orientations discussions for Ofbiz.
2016-07-25 11:27 GMT+02:00 Scott Gray :
>
Why would we do that? Security concerns are the responsibility of the PMC
and supposed to be kept confidential until resolved aren't they?
On 25 July 2016 at 20:31, Jacques Le Roux
wrote:
> I guess we need at least a separate list to grant access to non
> OFBiz-PMC/ASF members
>
> Jacques
>
>
>
I guess we need at least a separate list to grant access to non OFBiz-PMC/ASF
members
Jacques
Le 25/07/2016 à 06:38, Scott Gray a écrit :
Do we actually need a separate mailing list, or should it just forward to
private@?
Regards
Scott
On 25 July 2016 at 15:58, Ashish Vijaywargiya <
ashish.
+1
Le 24/07/2016 à 14:32, Jacopo Cappellato a écrit :
Rationale: every ASF project needs a private list to discuss product
vulnerabilities; for OFBiz the "private" list has been used for this
purpose until now; however an ad-hoc list may be useful because it could
provide a more focused space to
+1
Thanks & Regards
--
Deepak Dixit
www.hotwaxsystems.com
On Mon, Jul 25, 2016 at 10:08 AM, Scott Gray
wrote:
> Do we actually need a separate mailing list, or should it just forward to
> private@?
>
> Regards
> Scott
>
> On 25 July 2016 at 15:58, Ashish Vijaywargiya <
> ashish.vijaywarg...@hot
Do we actually need a separate mailing list, or should it just forward to
private@?
Regards
Scott
On 25 July 2016 at 15:58, Ashish Vijaywargiya <
ashish.vijaywarg...@hotwaxsystems.com> wrote:
> +1
>
> --
> Kind Regards
> Ashish Vijaywargiya
> HotWax Systems - est. 1997
>
>
> On Sun, Jul 24, 2016
+1
--
Kind Regards
Ashish Vijaywargiya
HotWax Systems - est. 1997
On Sun, Jul 24, 2016 at 6:02 PM, Jacopo Cappellato <
jacopo.cappell...@hotwaxsystems.com> wrote:
> Rationale: every ASF project needs a private list to discuss product
> vulnerabilities; for OFBiz the "private" list has been used
+1
On 24/07/2016 14:32, Jacopo Cappellato wrote:
Rationale: every ASF project needs a private list to discuss product
vulnerabilities; for OFBiz the "private" list has been used for this
purpose until now; however an ad-hoc list may be useful because it could
provide a more focused space to dis
Mmm... I must also add that ASF members have access to other PMCs private MLs
Jacques
Le 24/07/2016 à 14:56, Jacques Le Roux a écrit :
Le 24/07/2016 à 14:55, Jacques Le Roux a écrit :
Yes Michael.
Le 24/07/2016 à 14:43, Michael Brohl a écrit :
The "private" mailing list is only for PMC membe
+1
Thanks
Sharan
On 24/07/16 14:32, Jacopo Cappellato wrote:
Rationale: every ASF project needs a private list to discuss product
vulnerabilities; for OFBiz the "private" list has been used for this
purpose until now; however an ad-hoc list may be useful because it could
provide a more focused
+1
On 24/07/2016 14:32, Jacopo Cappellato wrote:
Rationale: every ASF project needs a private list to discuss product
vulnerabilities; for OFBiz the "private" list has been used for this
purpose until now; however an ad-hoc list may be useful because it could
provide a more focused space to disc
+1 good idea
On Jul 24, 2016 3:56 PM, "Jacques Le Roux"
wrote:
Le 24/07/2016 à 14:55, Jacques Le Roux a écrit :
> Yes Michael.
>
> +1 for me also for the security list
>
> I noted that this will allow your contact info to be published here:
> https://www.apache.org/security/projects.html
>
Typo
Le 24/07/2016 à 14:55, Jacques Le Roux a écrit :
Yes Michael.
+1 for me also for the security list
I noted that this will allow your contact info to be published here:
https://www.apache.org/security/projects.html
Typo, it's : our contact info
Jacques
Thanks
Jacques
Le 24/07/2016 à 14:43
Yes Michael.
+1 for me also for the security list
I noted that this will allow your contact info to be published here:
https://www.apache.org/security/projects.html
Thanks
Jacques
Le 24/07/2016 à 14:43, Michael Brohl a écrit :
+1
The "private" mailing list is only for PMC members of the p
+1
2016-07-24 14:32 GMT+02:00 Jacopo Cappellato <
jacopo.cappell...@hotwaxsystems.com>:
> Rationale: every ASF project needs a private list to discuss product
> vulnerabilities; for OFBiz the "private" list has been used for this
> purpose until now; however an ad-hoc list may be useful because i
+1
The "private" mailing list is only for PMC members of the project?
Regards,
Michael Brohl
ecomify GmbH
www.ecomify.de
Am 24.07.16 um 14:32 schrieb Jacopo Cappellato:
Rationale: every ASF project needs a private list to discuss product
vulnerabilities; for OFBiz the "private" list has been
Rationale: every ASF project needs a private list to discuss product
vulnerabilities; for OFBiz the "private" list has been used for this
purpose until now; however an ad-hoc list may be useful because it could
provide a more focused space to discuss the security issues and could
provide more flexi
24 matches
Mail list logo
