On 23 Mar 2012, at 18:13, NoOp wrote:
I think that you and Simon are missing the message I was attempting to
convey. I'll repeat my original question:
Why is it that "security advisories" such as this:
https://www.libreoffice.org/advisories/CVE-2012-0037/
are not posted on the user or announce lists?
No, I'm getting it :-) I just happen to think that a message on the tdf-announce list stating
there is a new release that fixes a security issue and pointing to the CVE would be sufficient as
everyone here presumably follows that list. People can then follow up the announcement on whichever
list(s) they want. I am not a fan of redundant cross-posting.
In my view all that's gone wrong this time is that the CVE was not listed in the release
announcement. That should probably be fixed next time.
S.
--
Unsubscribe instructions: E-mail to discuss+help@documentfoundation.org
Problems? http://www.libreoffice.org/get-help/mailing-lists/how-to-unsubscribe/
Posting guidelines + more: http://wiki.documentfoundation.org/Netiquette
List archive: http://listarchives.documentfoundation.org/www/discuss/
All messages sent to this list will be publicly archived and cannot be deleted
Context
Privacy Policy |
Impressum (Legal Info) |
Copyright information: Unless otherwise specified, all text and images
on this website are licensed under the
Creative Commons Attribution-Share Alike 3.0 License.
This does not include the source code of LibreOffice, which is
licensed under the Mozilla Public License (
MPLv2).
"LibreOffice" and "The Document Foundation" are
registered trademarks of their corresponding registered owners or are
in actual use as trademarks in one or more countries. Their respective
logos and icons are also subject to international copyright laws. Use
thereof is explained in our
trademark policy.