[Wikimedia-l] Wikimedia Foundation's non-disclosure agreement

Brandon Harris bharris at wikimedia.org
Thu Mar 7 00:08:23 UTC 2013

On Mar 6, 2013, at 1:40 PM, Tomasz W. Kozłowski <odder.wiki at gmail.com> wrote:

> I can't see why a Bugzilla
> administrator would be required to sign an NDA -- is there anything
> secret when it comes to bugs in a GPL-licenced software?

	Well.  These security bugs are zero-day exploits and often contain patches or other juicy tidbits that will allow hostile individuals to attack sites running vulnerable versions of MediaWiki - including our own cluster - until the hole is closed.

	So yes.  There's a need for an NDA there.

Brandon Harris, Senior Designer, Wikimedia Foundation

Support Free Knowledge: http://wikimediafoundation.org/wiki/Donate

More information about the Wikimedia-l mailing list