[Openstack-security] OSSN required?
Kurt Seifried
kseifried at redhat.com
Fri Jan 31 05:34:50 UTC 2014
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On 01/30/2014 08:44 PM, Nathan Kinder wrote:
> On 01/30/2014 07:34 PM, Kurt Seifried wrote:
>> On 01/30/2014 06:37 PM, Bryan D. Payne wrote:
>>> For me, if it is still supported today then we should issue the
>>> OSSA. -bryan
>
>
>> My understanding is that it requires a code change to fix so to
>> me that sounds like an OSSN.
>
>> In my mind at least OSSN=code change, OSSA=config/docs change.
>> Is that correct?
>
> You have it reversed. That said, an issue described in an OSSN
> might still trigger a code change, though there is usually a
> workaround that the OSSN recommends.
Sorry yeah, OSSA/OSSN mental swap. Derp!
- --
Kurt Seifried Red Hat Security Response Team (SRT)
PGP: 0x5E267993 A90B F995 7350 148F 66BF 7554 160D 4553 5E26 7993
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQIcBAEBAgAGBQJS6zX6AAoJEBYNRVNeJnmThpEP/1r1ZghhSqe3oFYpBjALs+Bo
31/wxM6a7EwVE4wi3ijvJFQTL4oj3hf5A1A8ixexYGTaa+wvgH7qP/jD2YXO7I8h
K2H5sJGEBWKisnq0hMf6EpTBkoW1bGI1rcdIC0ZZD6b0FrcYBN2nl37wX+t3+a6z
V3KJNvPrlE6RSDmyFw2/EVErF/NQbBWvgrL27VLgXLSEJVeST4iQBUgwNGzmZCIC
oDGRoYts967cLZb+oU6b6exkDkwfciJB1J5zmBFFsoLG81xfo6w1iiwJoVynzC3g
4hCbtnnL0tBgSpZ6EwXPhXt2O+BRYGu2HV1XzPtpkcj7urZ75XUh5sy6Cq5VpmjZ
mxjrWrQYaIE2Mj4sLIjL6i3nzjAsA4CSVkP0NO5hnvlaxNBNuTCn76ZytKZLZRq9
WBndn0jP/NKO/trputgKU5Kr14HDzOAs4xSu2ecYqMRs6RxjOQRx7wIhE6VVvwXi
Dt6Or9x1em4ZMxVTGr5/jpicQ03jEHDQA6PT8g0e/kedvHISz7o9LEhhH8WNXjAK
Jr1mgeD8qSi88qyWzavJzqU99Bc93OK3ZNjq0y0ox3R2b76eCAzuLLTuC8dl2Eyn
PTslezFuMCDZbk/On3B+AI976LlAT0pYqH2gOBKeIHX2kKxF2NKAVdxbt8XLcils
/78hQuenv0Wbt5eqtngU
=4JJG
-----END PGP SIGNATURE-----
More information about the Openstack-security
mailing list