Il 24/09/2014 09:31, Sven Kieske ha scritto: > > > On 23/09/14 23:05, Sandro Bonazzola wrote: >> [1] http://www.ovirt.org/OVirt_3.4.4_Release_Notes > > First, thanks for the new release, but I have one objection to make:
Thanks for the highlight, changed subject for making this more visible. > > Hidden in the release notes we find: > > BZ 1139000 - CVE-2014-3573 ovirt-engine-backend: oVirt Engine: XML > eXternal Entity (XXE) flaw in backend module > > So I'd like to discuss if security fixes should not be highlighted > somewhat more? > > I'd expect the following: > > a) Mention at least that CVEs where fixed in this release in the > announcement. > b) a category "security patches" (or similar) in the release notes > where these fixes get listed. > c) This new category should be at the top of the release notes. > > What do you think? Make sense. Updated 3.4.4 Release notes as per points b and c. http://www.ovirt.org/OVirt_3.4.4_Release_Notes -- Sandro Bonazzola Better technology. Faster innovation. Powered by community collaboration. See how it works at redhat.com _______________________________________________ Users mailing list Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users