From: Prasad J Pandit <pjp@fedoraproject.org>

Hello,

* After upstream discussions and considering various options like
  LaunchPad bugs, GitLab issues etc.

  -> https://lists.nongnu.org/archive/html/qemu-devel/2020-09/msg04266.html
  -> https://lists.nongnu.org/archive/html/qemu-devel/2020-10/msg00059.html

  We are about to introduce a 'qemu-security' mailing list to receive and
  triage upstream QEMU security issues.

* Intention is to allow more community participation in handling and
  triaging of the QEMU security issues.

* This change relieves current set of individual contacts from the
  responsibility of handling upstream QEMU issues. Of course they are
  welcome to the new 'qemu-security' mailing list.

* To simplify the encrypted communication process, we keep only a single
  contact of <secalert@redhat.com> from our previous list of contacts.

  This way reporters need not look for and manage GPG keys of multiple
  contacts.

v1:
* This patch v1 updates the QEMU security-process web page with detailed
  process.
  -> https://lists.nongnu.org/archive/html/qemu-devel/2020-11/msg06234.html

v2:
* Incorporate further inputs and suggestions from upstream reviews.
  -> https://lists.nongnu.org/archive/html/qemu-devel/2020-12/msg00568.html
  -> https://lists.nongnu.org/archive/html/qemu-devel/2020-12/msg00584.html

I'd appreciate if you have any inputs and/or suggestions for this change.

Thank you.
--
Prasad J Pandit (1):
  security-process: update process information

 contribute/security-process.md | 154 ++++++++++++++++++++-------------
 1 file changed, 95 insertions(+), 59 deletions(-)

--
2.28.0