Draft Ground Rules
Andrew John Hughes
ahughes at redhat.com
Wed Jul 13 09:47:23 PDT 2011
On Wed, Jul 13, 2011 at 08:44:40AM -0700, Roger Calnan wrote:
> >> Rule 8: For changes submitted for inclusion into a public JDK 7 Update forest, the corresponding bug tracker entry SHOULD be publicly visible.
> >>
> >
> > +1, but what about security issues?
>
> they should be handled today on a need-to-know basis until the GA of the CPU, with you/redhat
> being one of the parties who need-to-know.
>
Sorry, I should have been clearer. I know how things work before the
embargo passes. I was referring specifically to bug reports and that,
with the current system, these remain blocked after the security
release.
With the Red Hat bug system, Bugzilla allows us to mark comments &
attachments individually as private so a bug report can be exposed but
certain details elided from public consumption. I don't know what the
current status of the OpenJDK bug system is, but doing something
similar seems appropriate for security issues.
> Roger
--
Andrew :)
Free Java Software Engineer
Red Hat, Inc. (http://www.redhat.com)
Support Free Java!
Contribute to GNU Classpath and IcedTea
http://www.gnu.org/software/classpath
http://icedtea.classpath.org
PGP Key: F5862A37 (https://keys.indymedia.org/)
Fingerprint = EA30 D855 D50F 90CD F54D 0698 0713 C3ED F586 2A37
More information about the jdk7u-dev
mailing list