[Openstack-docs] OpenStack Security Notes (OSSN)
Summer Long
slong at redhat.com
Fri Feb 14 02:56:26 UTC 2014
I know these are a form of errata, is there any way to get them put into the OpenStack Release Notes?
--
Summer Long
OpenStack Documentation Lead
Engineering Content Services
Red Hat Asia Pacific
Brisbane, Austral ia
slong at redhat.com | irc: slong
----- Original Message -----
> From: "Anne Gentle" <anne.gentle at rackspace.com>
> To: "Andreas Jaeger" <aj at suse.com>
> Cc: openstack-docs at lists.openstack.org
> Sent: Friday, February 14, 2014 8:25:33 AM
> Subject: Re: [Openstack-docs] OpenStack Security Notes (OSSN)
> On Thu, Feb 13, 2014 at 3:14 PM, Andreas Jaeger < aj at suse.com > wrote:
> > On 02/13/2014 08:29 PM, Anne Gentle wrote:
>
> > > Hi all,
>
> > > I'd like to propose putting the OpenStack Security Notes (OSSN) in a
>
> > > repository under the Documentation umbrella, using the git/gerrit
>
> > > workflow to maintain and review those notes. Currently they're published
>
> > > on the OpenStack wiki [1] and use a template on the wiki. [2]
>
> > >
>
> > > I think using a git/gerrit process and finding a way to publish these
>
> > > with the OpenStack Security Guide [3] would be a great step. Wanted to
>
> > > see what you all think as well -- appreciate any input or considerations
>
> > > we should make.
>
> > I'm fine with publishing them and using our review process for them.
>
> > I'm just not sure whether the Security Guide is the right place or
>
> > whether these should be published as a separate guide. We can start
>
> > either way and change later ;)
>
> > Is there some privacy involved in writing these before they get released?
>
> Good question. I know the reporting process is purposely planned for
> protection, see https://wiki.openstack.org/wiki/VulnerabilityManagement .
> So I would guess that once something warrants a note, the secrecy/privacy is
> done and the main goal is to communicate effectively.
> Anne
> > Andreas
>
> > > Thanks,
>
> > > Anne
>
> > >
>
> > > 1 https://wiki.openstack.org/wiki/Security_Notes
>
> > > 2 https://wiki.openstack.org/wiki/Security/Security_Note_Process
>
> > > 3 http://docs.openstack.org/sec/
>
> > >
>
> > >
>
> > > _______________________________________________
>
> > > Openstack-docs mailing list
>
> > > Openstack-docs at lists.openstack.org
>
> > > http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-docs
>
> > >
>
> > --
>
> > Andreas Jaeger aj@{ suse.com , opensuse.org } Twitter/Identica: jaegerandi
>
> > SUSE LINUX Products GmbH, Maxfeldstr. 5, 90409 Nürnberg, Germany
>
> > GF: Jeff Hawn,Jennifer Guild,Felix Imendörffer,HRB16746 (AG Nürnberg)
>
> > GPG fingerprint = 93A3 365E CE47 B889 DF7F FED1 389A 563C C272 A126
>
> > _______________________________________________
>
> > Openstack-docs mailing list
>
> > Openstack-docs at lists.openstack.org
>
> > http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-docs
>
> _______________________________________________
> Openstack-docs mailing list
> Openstack-docs at lists.openstack.org
> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-docs
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstack.org/pipermail/openstack-docs/attachments/20140213/fd0d8701/attachment.html>
More information about the Openstack-docs
mailing list