+1
Jacques
Le 17/12/2017 à 12:22, Romain Manni-Bucau a écrit :
+1
Le 17 déc. 2017 12:14, "Mark Thomas" <ma...@apache.org> a écrit :
On 15/12/2017 11:13, Jochen Wiedmann wrote:
Hi,
over the last months we have definitely seen our share of security
related issues. However, I also noticed that we had a tendency to
loose these threads in the overall noise, resulting in mails like "Did
anyone reply to the reporter?"
No, according to Linus Torvalds, that is perfectly fine, because a
security issue is "just another bug". However, I am not Linus, and
would like to see these things in a better state.
As a consequence, I'd like to question how others are handling this.
Could we have a mailing list, like secur...@commons.apache.org,
preferrably with subscription limited to private@ members, and
secur...@apache.org subscribed automatically. (In theory, we could
subscribe selected committers, too.)
+1
Works for me.
Mark
At the very least, this would allow us to create a filter for security
related messages, thereby concentrate our attention.
Jochen
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@commons.apache.org
For additional commands, e-mail: dev-h...@commons.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@commons.apache.org
For additional commands, e-mail: dev-h...@commons.apache.org
