[Openstack-docs] OpenStack Security Notes (OSSN)
Anne Gentle
anne.gentle at rackspace.com
Sat Feb 15 01:48:46 UTC 2014
On Thu, Feb 13, 2014 at 8:56 PM, Summer Long <slong at redhat.com> wrote:
> I know these are a form of errata, is there any way to get them put into
> the OpenStack Release Notes?
>
>
Good observation. It seems they are not included in the six-month release
notes, but they are included in the stable point releases's release notes.
Anne
> --
> Summer Long
> OpenStack Documentation Lead
> Engineering Content Services
>
> Red Hat Asia Pacific
> Brisbane, Australia
> slong at redhat.com | irc: slong
>
> ------------------------------
>
> *From: *"Anne Gentle" <anne.gentle at rackspace.com>
> *To: *"Andreas Jaeger" <aj at suse.com>
> *Cc: *openstack-docs at lists.openstack.org
> *Sent: *Friday, February 14, 2014 8:25:33 AM
> *Subject: *Re: [Openstack-docs] OpenStack Security Notes (OSSN)
>
>
>
>
>
> On Thu, Feb 13, 2014 at 3:14 PM, Andreas Jaeger <aj at suse.com> wrote:
>
>> On 02/13/2014 08:29 PM, Anne Gentle wrote:
>> > Hi all,
>> > I'd like to propose putting the OpenStack Security Notes (OSSN) in a
>> > repository under the Documentation umbrella, using the git/gerrit
>> > workflow to maintain and review those notes. Currently they're published
>> > on the OpenStack wiki [1] and use a template on the wiki. [2]
>> >
>> > I think using a git/gerrit process and finding a way to publish these
>> > with the OpenStack Security Guide [3] would be a great step. Wanted to
>> > see what you all think as well -- appreciate any input or considerations
>> > we should make.
>>
>> I'm fine with publishing them and using our review process for them.
>>
>> I'm just not sure whether the Security Guide is the right place or
>> whether these should be published as a separate guide. We can start
>> either way and change later ;)
>>
>> Is there some privacy involved in writing these before they get released?
>>
>>
> Good question. I know the reporting process is purposely planned for
> protection, see https://wiki.openstack.org/wiki/VulnerabilityManagement.
>
> So I would guess that once something warrants a note, the secrecy/privacy
> is done and the main goal is to communicate effectively.
>
> Anne
>
>
>> Andreas
>>
>> > Thanks,
>> > Anne
>> >
>> > 1 https://wiki.openstack.org/wiki/Security_Notes
>> > 2 https://wiki.openstack.org/wiki/Security/Security_Note_Process
>> > 3 http://docs.openstack.org/sec/
>> >
>> >
>> > _______________________________________________
>> > Openstack-docs mailing list
>> > Openstack-docs at lists.openstack.org
>> > http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-docs
>> >
>>
>>
>> --
>> Andreas Jaeger aj@{suse.com,opensuse.org} Twitter/Identica: jaegerandi
>> SUSE LINUX Products GmbH, Maxfeldstr. 5, 90409 Nürnberg, Germany
>> GF: Jeff Hawn,Jennifer Guild,Felix Imendörffer,HRB16746 (AG Nürnberg)
>> GPG fingerprint = 93A3 365E CE47 B889 DF7F FED1 389A 563C C272 A126
>>
>> _______________________________________________
>> Openstack-docs mailing list
>> Openstack-docs at lists.openstack.org
>> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-docs
>>
>
>
> _______________________________________________
> Openstack-docs mailing list
> Openstack-docs at lists.openstack.org
> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-docs
>
>
>
> _______________________________________________
> Openstack-docs mailing list
> Openstack-docs at lists.openstack.org
> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-docs
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstack.org/pipermail/openstack-docs/attachments/20140214/e75df7fc/attachment-0001.html>
More information about the Openstack-docs
mailing list