Posted Jan 8, 2005 19:27 UTC (Sat) by dmarti
Parent article: grsecurity 2.1.0 and kernel vulnerabilities
There's an industry-standard policy for advance notices of vulnerabilites before publication. ORIGINATOR is the person discovering the vulnerability.
It is important that the ORIGINATOR review any documentation included with the object of the ISSUE for indication of a proper method of contact. That failing, the ORIGINATOR should check the web site of the MAINTAINER for methods of contact. Should the ORIGINATOR not be able to locate a suitable email address for the MAINTAINER, the ORIGINATOR should address the ISSUE to:
regardless of their existence. Anyone who could be deemed as a 'MAINTAINER' is encouraged to populate at least some of the above email addresses.
to post comments)