[Openstack-security] OSSN-0013 ready for review

Bryan D. Payne bdpayne at acm.org
Mon May 5 20:35:54 UTC 2014 

I think it makes sense to assign the OSSN number as early as possible.  If
they are published out of order... I'm not too worried about that.


On Mon, May 5, 2014 at 12:59 PM, Nathan Kinder <nkinder at redhat.com> wrote:

>
>
> On 05/05/2014 12:39 PM, Bhandaru, Malini K wrote:
> > We have two OSSN-0013s making their way!
> > Need a better number reservation system. :-)
>
> Let's let Rob take OSSN-0013, and the one you are working on can be
> OSSN-0014.
>
> If we want to reserve a number, we could grab it on the OSSN wiki page
> ahead of time.  My concern with this is that  someone could grab a
> number to start writing a security note, then disappear for some time
> (or the issue takes a lot of back and forth to get through review).  In
> the meantime, other notes might be written and published.  This will
> result in the numbers being out of sequence.  It's not the end of the
> world, but it is a bit confusing.  This isn't a theoretical situation
> either, as OSSN-0010 was published after OSSN-0011 and OSSN-0012:
>
>     https://wiki.openstack.org/wiki/Security_Notes
>
> The alternative is that we assign the number at publishing time.  This
> requires more diligence at patch approval time to ensure that we don't
> duplicate a number and might require patch rework to renumber things
> (which is what we're going through right now).
>
> What preferences do others have on this?
>
> Thanks,
> -NGK
>
> > Malini
> >
> > -----Original Message-----
> > From: Clark, Robert Graham [mailto:robert.clark at hp.com]
> > Sent: Friday, May 02, 2014 1:51 AM
> > To: openstack-security at lists.openstack.org
> > Subject: [Openstack-security] OSSN-0013 ready for review
> >
> > https://review.openstack.org/#/c/91755/
> >
> > _______________________________________________
> > Openstack-security mailing list
> > Openstack-security at lists.openstack.org
> > http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-security
> >
> > _______________________________________________
> > Openstack-security mailing list
> > Openstack-security at lists.openstack.org
> > http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-security
> >
>
> _______________________________________________
> Openstack-security mailing list
> Openstack-security at lists.openstack.org
> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-security
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstack.org/pipermail/openstack-security/attachments/20140505/0177c57e/attachment.html>

More information about the Openstack-security mailing list