mswilson

## gist:5446082
<h1>Xen.org Security Problem Response Process</h1>
    <h2>Introduction</h2>
    <p>Computer systems have bugs. Currently recognised best practice for bugs
    with security implications is to notify significant downstream users in
    private; leave a reasonable interval for downstreams to respond and prepare
    updated software packages; then make public disclosure.</p>
    <p>We want to encourage people to report bugs they find to us. Therefore we
    will treat with respect the requests of discoverers, or other vendors, who
    report problems to us.</p>
	<h1>Xen.org Security Problem Response Process</h1>
	<h2>Introduction</h2>
	<p>Computer systems have bugs. Currently recognised best practice for bugs
	with security implications is to notify significant downstream users in
	private; leave a reasonable interval for downstreams to respond and prepare
	updated software packages; then make public disclosure.</p>
	<p>We want to encourage people to report bugs they find to us. Therefore we
	will treat with respect the requests of discoverers, or other vendors, who
	report problems to us.</p>