Newsgroups: php.internals Path: news.php.net Xref: news.php.net php.internals:96702 Return-Path: Mailing-List: contact internals-help@lists.php.net; run by ezmlm Delivered-To: mailing list internals@lists.php.net Received: (qmail 40105 invoked from network); 1 Nov 2016 22:28:47 -0000 Received: from unknown (HELO lists.php.net) (127.0.0.1) by localhost with SMTP; 1 Nov 2016 22:28:47 -0000 Authentication-Results: pb1.pair.com smtp.mail=jakub.php@gmail.com; spf=pass; sender-id=pass Authentication-Results: pb1.pair.com header.from=jakub.php@gmail.com; sender-id=pass Received-SPF: pass (pb1.pair.com: domain gmail.com designates 209.85.213.42 as permitted sender) X-PHP-List-Original-Sender: jakub.php@gmail.com X-Host-Fingerprint: 209.85.213.42 mail-vk0-f42.google.com Received: from [209.85.213.42] ([209.85.213.42:34575] helo=mail-vk0-f42.google.com) by pb1.pair.com (ecelerity 2.1.1.9-wez r(12769M)) with ESMTP id C8/90-34238-D1719185 for ; Tue, 01 Nov 2016 17:28:46 -0500 Received: by mail-vk0-f42.google.com with SMTP id x186so82915193vkd.1 for ; Tue, 01 Nov 2016 15:28:45 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:sender:in-reply-to:references:from:date:message-id :subject:to:cc; bh=udcPcz/2qe+tB6w6ccdjmYJMDFtna0C/4+YP6tKBwzo=; b=UeeXELutbIsXyHI7wnnpoo1ziVjUvMR/GUpQi6CTwZ+Q+tv0yeMXKPz5iSNKLQAV9T MqWfGY78vwirwVzDEH/t7HQ64KQeMq7HkqsNgqFXA5bPZKRdcVLxK2IMUPyM3ZTp7uKt czgCxj8wKjnHJrnNmbBXt+twrUIkJmLMbIKYfoubLNzTpgrz855FENhPj7ZCQUpymPoc eaAGNj9BY0gA0qIYIKOH1/BV538hxuvEY22+d+OiyF9RHwlUVI6GvZNBzU6Tu9S0Qrzc 1qJ1o4Tlc4GNn0EPjx8xZ6gjUHeFFJVa6jRIgzNX3IHlFo1HoZpIEQQyYeg2HfKeVNFJ BX0w== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:sender:in-reply-to:references:from :date:message-id:subject:to:cc; bh=udcPcz/2qe+tB6w6ccdjmYJMDFtna0C/4+YP6tKBwzo=; b=fzgWjCIEEarD2C6eX5IJpvMFOyj4WGEeUkaT23IQsdAfHqn2bKGzD9xJLIc3XX9v3v wgWNPrP2AxSI5oONiSpb+aMKz1GiD7gl5RFt/eZSM7zsGMRWpGVCjikfuGVAQb6DdIZM LMpga7LBM8YQjidU1/p4rqm6CnTu98S1GHaVZWk3/rz/UZRPFApbdmfM0k587f/aeqQH HR/Aew8oC06ed9+8fpKnu4ez4ybGXoL9h+1EnJrfXXwnG4s9OBOwfxVNYvhw5Thr9BGz akVEDgoKYUkZR4sXa44RA2VgVhoUJgK//6SGxcxB5/QZGnQjN3m5UJnsHgQ5idwDgvy4 1JMA== X-Gm-Message-State: ABUngvf/q/Z2vhL+1HJbIFlOI1PbuKQuzHxkC/NHfVrQNb3FPsIR3WylP2isxJUJdPeg3dn98NzbixVSzRMTjA== X-Received: by 10.31.178.198 with SMTP id b189mr286839vkf.70.1478039307727; Tue, 01 Nov 2016 15:28:27 -0700 (PDT) MIME-Version: 1.0 Sender: jakub.php@gmail.com Received: by 10.31.174.20 with HTTP; Tue, 1 Nov 2016 15:28:26 -0700 (PDT) Received: by 10.31.174.20 with HTTP; Tue, 1 Nov 2016 15:28:26 -0700 (PDT) In-Reply-To: <5b11b713-86e7-02da-c00e-d4f40ef123cc@gmail.com> References: <3a5408bc-b71d-920c-45e4-b9be02350b6c@gmail.com> <01a901d22e06$ca4e3450$5eea9cf0$@belski.net> <5b11b713-86e7-02da-c00e-d4f40ef123cc@gmail.com> Date: Tue, 1 Nov 2016 22:28:26 +0000 X-Google-Sender-Auth: R7QU1FR_90mVLIDjaJriAa5kU9o Message-ID: To: Stanislav Malyshev Cc: Rasmus Lerdorf , Anatol Belski , PHP Internals Content-Type: multipart/alternative; boundary=001a1143f082e6b9a2054044d72c Subject: Re: [PHP-DEV] Security issue handling From: bukka@php.net (Jakub Zelenka) --001a1143f082e6b9a2054044d72c Content-Type: text/plain; charset=UTF-8 Hi On Sun, Oct 30, 2016 at 10:09 PM, Stanislav Malyshev wrote: > > > Great, thanks! So besides assigning the issues for the said extensions > to you, what model for coordinating reviews would you prefer? > I'm not sure what the current flow is but it would be great to send info about fixed issues (e.g. patches ready for review or link on the fix in the security repo) to sec mailing list. Then it should be easier to do the review. If someone could add me to the security mailing list, security repo and possibly access to the security bugs, that would be great - it would allow me to do the reviews or fix some of the issues. Cheers Jakub --001a1143f082e6b9a2054044d72c--