2008.08.29 22:53 "[Tiff] Some security fixes from RHEL", by Even Rouault

2008.09.03 14:07 "Re: [Tiff] Some security fixes from RHEL", by Frank Warmerdam

On Wed, Sep 03, 2008 at 01:19:44AM +0930, Ron wrote:

A list of people who should receive embargoed reports for comment seems like a useful thing to have instead of leaving individuals here as a single 'point of failure' when patches from security auditors need to be reviewed

Ron,

That is a good idea. I just added the following paragraph to our "Bugs" page:

"If you'd like to inform us about some kind of security issue that should not be disclosed for a period of time, then you can contact maintainers directly. Send a copies of your report to the following people: Frank Warmerdam <warmerdam@pobox.com>, Andrey Kiselev <dron@ak4719.spb.edu>."

Lee, feel free to add yourself to the list if you'd like.

Folks,

I have also added a COMMITERS file in the libtiff directory so we can hopefully do a cleaner job of keeping track of commiters and their contact info. It might be appropriate to add areas of interest to this.

Best regards,
--
---------------------------------------+--------------------------------------

I set the clouds in motion - turn up   | Frank Warmerdam, warmerdam@pobox.com
light and sound - activate the windows | http://pobox.com/~warmerdam

and watch the world go round - Rush    | Geospatial Programmer for Rent