From: Prasad J Pandit <pjp@fedoraproject.org>
Hello,
* After upstream discussions and considering various options like
LaunchPad bugs, GitLab issues etc.
-> https://lists.nongnu.org/archive/html/qemu-devel/2020-09/msg04266.html
-> https://lists.nongnu.org/archive/html/qemu-devel/2020-10/msg00059.html
We are about to introduce a 'qemu-security' mailing list to receive and
triage upstream QEMU security issues.
* Intention is to allow more community participation in handling and
triaging of the QEMU security issues.
* This change relieves current set of individual contacts from the
responsibility of handling upstream QEMU issues. Of course they are
welcome to the new 'qemu-security' mailing list.
* To simplify the encrypted communication process, we keep only a single
contact of <secalert@redhat.com> from our previous list of contacts.
This way reporters need not look for and manage GPG keys of multiple
contacts.
v1:
* This patch v1 updates the QEMU security-process web page with detailed
process.
-> https://lists.nongnu.org/archive/html/qemu-devel/2020-11/msg06234.html
v2:
* Incorporate further inputs and suggestions from upstream reviews.
-> https://lists.nongnu.org/archive/html/qemu-devel/2020-12/msg00568.html
-> https://lists.nongnu.org/archive/html/qemu-devel/2020-12/msg00584.html
I'd appreciate if you have any inputs and/or suggestions for this change.
Thank you.
--
Prasad J Pandit (1):
security-process: update process information
contribute/security-process.md | 154 ++++++++++++++++++++-------------
1 file changed, 95 insertions(+), 59 deletions(-)
--
2.28.0