On 23 Mar 2012, at 18:13, NoOp wrote: > > I think that you and Simon are missing the message I was attempting to > convey. I'll repeat my original question: > > Why is it that "security advisories" such as this: > > https://www.libreoffice.org/advisories/CVE-2012-0037/ > > are not posted on the user or announce lists?
No, I'm getting it :-) I just happen to think that a message on the tdf-announce list stating there is a new release that fixes a security issue and pointing to the CVE would be sufficient as everyone here presumably follows that list. People can then follow up the announcement on whichever list(s) they want. I am not a fan of redundant cross-posting. In my view all that's gone wrong this time is that the CVE was not listed in the release announcement. That should probably be fixed next time. S. -- Unsubscribe instructions: E-mail to discuss+h...@documentfoundation.org Problems? http://www.libreoffice.org/get-help/mailing-lists/how-to-unsubscribe/ Posting guidelines + more: http://wiki.documentfoundation.org/Netiquette List archive: http://listarchives.documentfoundation.org/www/discuss/ All messages sent to this list will be publicly archived and cannot be deleted
