Okay -- they should feel free to request access if they so desire it.
One email request should do.
On Aug 30, 2009, at 7:43 PM, Michael S Gilbert wrote:
On Fri, 21 Aug 2009 14:44:45 -0700 Aaron Sigel wrote:
I'd like to nominate debian to join the webkit-security list, but I'd
also like it if the addresses / people I nominated were @debian.org.
Who should I nominate? Names + email address would be appreciated.
Aaron
On Aug 9, 2009, at 10:00 PM, Michael S Gilbert wrote:
hello,
i sent the following mail a few weeks ago, and have not heard
anything
yet. security of your downstream vendors is of utmost importance
for
webkit to gain traction as a trustable browser engine.
if downstreams are not going to be able to get sufficient access to
security information, users will start to notice and will stick with
more trustable products that have "mature" security practices, like
mozilla.
is there any way that you could provide this info to debian? you
don't even have to go through me. you can contact their private
list
if you so desire: [email protected]; although that should not
be necessary since all of these issues are already public.
mike
On Sun, Jul 19, 2009 at 8:42 PM, Michael S Gilbert wrote:
hello,
the debian project (and likely other webkit downstreams) are in
desparate need
of assistance triaging the deluge of 30+ webkit security bugs that
came through
apple recently [1]. the problem, of course, is that the apple
announcements
are effectively useless since there is no information about patches
and bug
reports for the problems. hence, it makes it very difficult to
determine which
webkit versions are affected; and also to find the patches needed
to address
the problems.
if you can help me track down the patches/bug reports, that would
be
great. thank
you for any assistance you can provide.
i haven't seen anyone respond to this for a couple weeks, so i'll
chime
in to get the ball rolling. Florian Wiemer (fw at debian dot org),
Nico Golde (nion at debian dot org), Thijs Kinkhorst (thijs at
debian dot org ), and Moritz Muehlenhoff (jmm at debian dot org) are
the
big names in debian security. Florian, in particular, deals with
most of
the vendor-sec issues. hopefully one or more of them would be
interested in participating on the webkit security team/list.
mike
_______________________________________________
Secure-testing-team mailing list
[email protected]
http://lists.alioth.debian.org/mailman/listinfo/secure-testing-team
