On Wed, Mar 30, 2016 at 06:11:33PM -0300, Flavio Leitner wrote:
> On Wed, Mar 30, 2016 at 10:22:13AM -0700, Ben Pfaff wrote:
> > SECURITY.md currently says:
> >
> > A disclosure date is negotiated by the security team working with the
> > bug submitter as well as vendors. However, the Ope
On Wed, Mar 30, 2016 at 10:22:13AM -0700, Ben Pfaff wrote:
> SECURITY.md currently says:
>
> A disclosure date is negotiated by the security team working with the
> bug submitter as well as vendors. However, the Open vSwitch security
> team holds the final say when setting a disclosur
SECURITY.md currently says:
A disclosure date is negotiated by the security team working with the
bug submitter as well as vendors. However, the Open vSwitch security
team holds the final say when setting a disclosure date. The timeframe
for disclosure is from immediate (esp. if
