Re: Apache Security Process

Done. On Thu, Jun 9, 2016 at 8:01 AM, Casey Stella wrote: > So, evidently this is something only mentors or people from the Incubator > PMC can do. > Will one of the mentors please request this for us @ > https://infra.apache.org/officers/mlreq/incubator > ? > > Thanks, > >

Re: Apache Security Process

So, evidently this is something only mentors or people from the Incubator PMC can do. Will one of the mentors please request this for us @ https://infra.apache.org/officers/mlreq/incubator ? Thanks, Casey On Thu, Jun 9, 2016 at 10:35 AM, Casey Stella wrote: > I filed a

Re: Apache Security Process

While we're on the topic, what is the policy for things such as https://scan.coverity.com/ ? Would it be acceptable to use the "Only project summary is available to all users" project access? This has been brought up in a separate thread. Thanks, Jon On Thu, Jun 2, 2016 at 1:30 PM Owen

Re: Apache Security Process

I'd also recommend that you create a secur...@metron.incubator.apache.org for users to report any security issues they discover. .. Owen On Thu, Jun 2, 2016 at 10:28 AM, Casey Stella wrote: > Sorry, it's deleted now. We will be more careful in the future. > > Thanks for

Re: Apache Security Process

Sorry, it's deleted now. We will be more careful in the future. Thanks for the vigilance, Larry. Casey On Thu, Jun 2, 2016 at 1:24 PM, larry mccay wrote: > All - > > Please become familiar with of the Apache process for reporting, > discussing, filing JIRAs and fixing

Apache Security Process

All - Please become familiar with of the Apache process for reporting, discussing, filing JIRAs and fixing security vulnerabilities [1]. METRON-198 has exposed more than we should in a public manner and the attached report should be removed. Details of any particular issues should only be