Skip to main content
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [List Home]
[eclipse.org-architecture-council] [Bug 343681] New: Security procedures: Distribution 
https://bugs.eclipse.org/bugs/show_bug.cgi?id=343681
Product/Component: Community / Architecture Council

           Summary: Security procedures: Distribution
    Classification: Eclipse Foundation
           Product: Community
           Version: unspecified
          Platform: PC
        OS/Version: Linux
            Status: NEW
          Severity: normal
          Priority: P3
         Component: Architecture Council
        AssignedTo: eclipse.org-architecture-council@xxxxxxxxxxx
        ReportedBy: wayne@xxxxxxxxxxx
            Blocks: 337004


The security policy must address distribution issues.

"All Vulnerabilities affecting projects that participate in the Simultaneous
Release must be reported to the Planning Council prior to full disclosure to
the community at large. Disclosure of a Vulnerability must be coordinated with
the distribution of the updated software from the Project's own distribution
channels, the Simultaneous Release repository, and EPP packages."

I need to add a little something about the Planning Council deciding whether or
not to respin.

I figure the actual communication will happen via direct email from the project
leadership to their PMC's Planning Council Representative.

Thoughts?

-- 
Configure bugmail: https://bugs.eclipse.org/bugs/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.

Back to the top