Re: security@ovirt.org mailing list
* Carl Trieloff (cctrieloff(a)redhat.com) wrote:
I think as long as the key members from each project are on the
list,
and it is oVirt project wide I think it will work. If we do a private
list we can control the subscriptions to maintainers or something like
that. I would be interested to know if any projects have a public
security list. I don't know of any, but am going to google around a bit.
I'm not familiar with any. I haven't looked, but in all the projects
I've been involved in directly or indirectly the list was private. The
private list can work with distros via linux-distros(a)openwall.org list to
privately discuss things like embargo dates and oss-security(a)openwall.org
to openly discuss security issues (CVE request, classes of bugs, etc).
thanks,
-chris