1 |
Koon wrote: |
2 |
|
3 |
> OK, so the process (and groups in charge) is : |
4 |
> |
5 |
> - Vulnerability is found, posted on specific software announce lists |
6 |
> and/or general purpose security-lists) |
7 |
> - User A that reads these groups posts a bugzilla entry |
8 |
> - Developer/User B submits corrective ebuild on bugzilla |
9 |
> - Developer C tests/inserts ebuild in official ~tree(s) |
10 |
> - Developer D pushes ebuild in official stable tree(s) |
11 |
> - SecurityGuy E writes a GLSA |
12 |
> - SecurityChief F approves GLSA for posting |
13 |
|
14 |
Ops, too late, read latest Kurt post instead, it's way better than my |
15 |
alphabet. |
16 |
|
17 |
-K |
18 |
|
19 |
-- |
20 |
gentoo-security@g.o mailing list |