[ovirt-users] [ovirt-announce] [ANN] oVirt 3.4.4 Release is now available
Sven Kieske
s.kieske at mittwald.de
Wed Sep 24 07:31:36 UTC 2014
On 23/09/14 23:05, Sandro Bonazzola wrote:
> [1] http://www.ovirt.org/OVirt_3.4.4_Release_Notes
First, thanks for the new release, but I have one objection to make:
Hidden in the release notes we find:
BZ 1139000 - CVE-2014-3573 ovirt-engine-backend: oVirt Engine: XML
eXternal Entity (XXE) flaw in backend module
So I'd like to discuss if security fixes should not be highlighted
somewhat more?
I'd expect the following:
a) Mention at least that CVEs where fixed in this release in the
announcement.
b) a category "security patches" (or similar) in the release notes
where these fixes get listed.
c) This new category should be at the top of the release notes.
What do you think?
--
Mit freundlichen Grüßen / Regards
Sven Kieske
Systemadministrator
Mittwald CM Service GmbH & Co. KG
Königsberger Straße 6
32339 Espelkamp
T: +49-5772-293-100
F: +49-5772-293-333
https://www.mittwald.de
Geschäftsführer: Robert Meyer
St.Nr.: 331/5721/1033, USt-IdNr.: DE814773217, HRA 6640, AG Bad Oeynhausen
Komplementärin: Robert Meyer Verwaltungs GmbH, HRB 13260, AG Bad Oeynhausen
More information about the Users
mailing list