[mapserver-dev] "Security/Vulnerability (Private)" tickets are not private
Lime, Steve D (MNIT)
Steve.Lime at state.mn.us
Tue Nov 12 13:05:06 PST 2013
Interesting idea. Wonder if OSGeo would host it? Anyone know what other projects are doing in this regard?
-----Original Message-----
From: mapserver-dev-bounces at lists.osgeo.org [mailto:mapserver-dev-bounces at lists.osgeo.org] On Behalf Of Sebastiaan Couwenberg
Sent: Tuesday, November 12, 2013 2:46 PM
To: MapServer Dev Mailing List
Subject: Re: [mapserver-dev] "Security/Vulnerability (Private)" tickets are not private
On 11/12/2013 09:03 PM, thomas bonfort wrote:
> I'm open as to how we should treat those: a private psc/security
> mailing list, a shared googledoc, others?
RTIR may be an option. It's the RT ticketing system customized for security response teams. It can be used to track security issues reported to security at mapserver.org, and the communication with the various distribution security teams.
http://www.bestpractical.com/rtir/
Kind Regads,
Bas
--
GnuPG: 0xE88D4AF1 (new) / 0x77A975AD (old) _______________________________________________
mapserver-dev mailing list
mapserver-dev at lists.osgeo.org
http://lists.osgeo.org/mailman/listinfo/mapserver-dev
More information about the mapserver-dev
mailing list