Hello, at Drupalcon Barcelona I stepped forward to help coordinate the security team. Heine is still the security team lead. It's now been over three months since we've introduced changes to the security team and it's time to review our team and look to add new members.
<br><br><a href="http://drupal.org/node/32750">http://drupal.org/node/32750</a><br><br>You might have noticed that we have had over 30 security announcements in 2007. As a result of expanding security oversight to include not just core, but also contributed modules we've had to try to coordinate the releases. This is due to getting volunteers to review the announcements, as well as coordinating the 4 core maintainers, and at least the security team lead to work together. If you've ever tried to coordinate a meeting across 9 time zones you can imagine how difficult this can be, especially since our release system is automated.
<br><br>If you have availability to review security announcements on a regularly scheduled basis with several days notice please let me know. This is a task that is currently done by Robert Costello, myself, and the reporters of security issues.
<br>If you have security skills and would like to be part of the security team that participates in developing patches for core and contributed vulnerabilities please submit your candidacy to <a href="mailto:security@drupal.org">
security@drupal.org</a>, detailing your skills, and experience.<br>If you would like to help build the security team infrastructure, such as creating a mailing list to inform CVS account holders of security best practices, or help to administer the
<a href="http://security.drupal.org">security.drupal.org</a> website please let us know.<br>If you would like to write documentation or educate the Drupal community about security issues please let us know how you would like to contribute, and we will give handbook permission to write documentation on
<a href="http://Drupal.org">Drupal.org</a>.<br><br>If you find yourself frustrated that the security team is not responding to your issue fast enough, please send a note to the security team expressing your angst combined with your offers to assist in the coordination of other activities. Keeping Drupal sites secure, and helping to coordinate the security releases for over 2400 Drupal projects is an awesome responsibility. Please give the team the benefit of the doubt that we are working hard to deal with a wide range of issues. Our track record over the last several years certainly bears this out.
<br><br>Cheers,<br>Kieran<br><br>-- <br>--------------------------------------------------------------<br>DON'T MISS EARTH'S LARGEST GATHERING OF DRUPAL PROFESSIONALS!<br>Drupalcon Boston 2008 · March 3-6, 2008<br>
Learn more at <a href="http://boston2008.drupalcon.org">http://boston2008.drupalcon.org</a><br>Affordable sponsorship packages available<br>--------------------------------------------------------------