| 1 |
Koon wrote: |
| 2 |
|
| 3 |
> OK, so the process (and groups in charge) is : |
| 4 |
> |
| 5 |
> - Vulnerability is found, posted on specific software announce lists |
| 6 |
> and/or general purpose security-lists) |
| 7 |
> - User A that reads these groups posts a bugzilla entry |
| 8 |
> - Developer/User B submits corrective ebuild on bugzilla |
| 9 |
> - Developer C tests/inserts ebuild in official ~tree(s) |
| 10 |
> - Developer D pushes ebuild in official stable tree(s) |
| 11 |
> - SecurityGuy E writes a GLSA |
| 12 |
> - SecurityChief F approves GLSA for posting |
| 13 |
|
| 14 |
Ops, too late, read latest Kurt post instead, it's way better than my |
| 15 |
alphabet. |
| 16 |
|
| 17 |
-K |
| 18 |
|
| 19 |
-- |
| 20 |
gentoo-security@g.o mailing list |
Archives