Juju needs security contacts
Gustavo Niemeyer
gustavo.niemeyer at canonical.com
Mon Aug 27 15:18:44 UTC 2012
Thanks for pushing this forward Clint.
On Thu, Aug 23, 2012 at 10:26 PM, Clint Byrum <clint at ubuntu.com> wrote:
> * Commit fixes to public branches and send notifications about security fix.
When we do face a significant threat, publishing to a public branch at
the announcement time isn't enough. People should actually have a good
path to make use of the fix. Secrecy isn't worth much if the bad guys
can still make use of the problem significantly earlier than people
have a chance to fix it.
gustavo @ http://niemeyer.net
More information about the Juju
mailing list