Fedora 7 and the Security Response Team
Ville Skyttä
ville.skytta at iki.fi
Thu Jun 21 17:45:20 UTC 2007
On Tuesday 12 June 2007, Kevin Fenzi wrote:
> At the same time, bugs that are public already I think it's good to see
> progress on the list/in bugzilla. We may spot cases where maintainers
> need help, want more info, or otherwise could use input from the
> security list.
+1, and we avoid doing duplicate work ourselves when we see someone else has
already reported issues we're about to investigate/report.
But of course, embargoed issues should not be leaked anywhere in public.
Apart from just not Cc'ing the list and marking the bug as confidential in
Bugzilla with a clear note why it is being marked confidential, I don't have
many ideas how to handle that. Not that I would personally currently have
access to non-public issues anyway ;)
More information about the security
mailing list