[VOTE][RESULT] Create the "security" mailing list for the OFBiz project

Previous Topic Next Topic
 
classic Classic list List threaded Threaded
1 message Options
Reply | Threaded
Open this post in threaded view
|

[VOTE][RESULT] Create the "security" mailing list for the OFBiz project

Jacopo Cappellato-5
The vote is successful with 15 positive (i.e. "+1") votes (of which 8 are
binding votes), no negative votes.
I will proceed with the request for the new mailing list to the ASF Infra.

Thank you all.

Jacopo

On Sun, Jul 24, 2016 at 2:32 PM, Jacopo Cappellato <
[hidden email]> wrote:

> Rationale: every ASF project needs a private list to discuss product
> vulnerabilities; for OFBiz the "private" list has been used for this
> purpose until now; however an ad-hoc list may be useful because it could
> provide a more focused space to discuss the security issues and could
> provide more flexibility to invite in the private list persons willing to
> help that are trusted by the PMC.
>
> Please vote,
>
> +1
>
> to create a "security" list (i.e. [hidden email]) and move all
> the security related discussions and notifications currently happening on
> the private list to this new list: according to the ASF policies [*] the
> list will be a private list used by the persons willing to help to resolve
> security issues; the list of subscribers will be approved by the OFBiz PMC.
>
> Otherwise vote -1 to continue to use the "private" mailing list for
> vulnerability handling.
>
> [*] http://www.apache.org/security/
>