Trac is being migrated to new services! Issues can be found in our new YouTrack instance and WIKI pages can be found on our website.

Changes between Version 11 and Version 12 of SecurityVulnerabilityProcess


Ignore:
Timestamp:
Nov 21, 2010, 9:23:34 AM (13 years ago)
Author:
MarkDoliner
Comment:

Add note about packages mailing list.

Legend:

Unmodified
Added
Removed
Modified
  • SecurityVulnerabilityProcess

    v11 v12  
    4848 2. As the embargo date approaches, a developer should be chosen to commit the fix to their repository.  Do not push yet, but go through the normal release process and prepare the ChangeLog, NEWS, etc.  This developer should also create (but not upload) tarballs.  It's often nice to provide the tarball to packagers prior to the embargo date.
    4949 2. On the day of the embargo, push the changes to the repository and update http://pidgin.im/news/security/
     50
     51= Information for Distributors =
     52Anyone who packages or distributes Pidgin, Finch or libpurple to a large audience is eligible to be on our "packagers" mailing list.  This is a private mailing list that we use to pre-announce security vulnerabilities and organize a disclosure date.  If you think you should be on this mailing list, please send an email to mark@kingant.net and request access.
All information, including names and email addresses, entered onto this website or sent to mailing lists affiliated with this website will be public. Do not post confidential information, especially passwords!