What if we digest the audience and list the scope (different projects which
are impacted/offering mitigations) in a more conversational tone, mention
the httpoxy URL and just point the reader to
https://www.apache.org/security/asf-httpoxy-response.txt for all the
detailed workarounds we've offered?
Hi Everyone
I just saw Mark's mail and realised that it's been a few weeks since my last
update, so I'd like to give you another brief update about what has been
happening.
Hackbright Webinar
Nick Burch has volunteered (can I use that word? :-) to present the Apache
Intro and I'll hopefully b
Ok, well, let me know what you want posted, and I'll be glad to
facilitate. I presume we want this done soon or not at all, so I'll be
ready whenever you let me know.
On Jul 19, 2016 04:06, "Bertrand Delacretaz" wrote:
> On Mon, Jul 18, 2016 at 4:14 PM, William A Rowe Jr
> wrote:
> > ...Does i
On 10/06/2016 10:49, Mark Thomas wrote:
> On 30/05/2016 19:55, Mark Thomas wrote:
>> On 30/05/2016 18:30, Ross Gardler wrote:
>>> Yes. Thanks to everyone working this out.
>>
>> Done. Thanks Marvin.
>>
>> The next step is to expand the list of contacts. The call for volunteers
>> was made on the pr
On Mon, Jul 18, 2016 at 4:14 PM, William A Rowe Jr wrote:
> ...Does it make sense to blog this, or at least R/T from @TheASF? ...
I'd say tweet and maybe also write a foundation blog post to announce
that advisory, but do not duplicate the advisory content on the blog
(assuming the URL that you m
