On Sat, May 09, 2026 at 11:47:52AM +0200, Willy Tarreau wrote: > This series tries to translate recent discussions on the security list > on how to better handle reports. It details: > - when not to Cc: the security list > - what classes of bugs do not need to be handled privately > - minimum requirements for AI-assisted reports > > As usual, this is probably perfectible but can already help in the short > term as we can point it to reporters, so barring any strong disagreement, > better continue to proceed in small incremental improvements and observe > the effects. > > Thanks! > Willy
<...> > - Leon, I kept your reviewed-by since changes are very minimal and > didn't change the initial spirit. Thanks. The intent is the same, and I'm not the right person to argue over the precise wording anyway.
