)]}'
{
  "commit": "62622c11f230edddcc47aabe2d988555bf125993",
  "tree": "233a57ca05c128519d72eac03162ba659c203642",
  "parents": [
    "c8097612ce21ad2d2b6b5d4b6495d71d52fa423d"
  ],
  "author": {
    "name": "Michael S. Tsirkin",
    "email": "mst@redhat.com",
    "time": "Thu Apr 17 16:45:46 2014 +0300"
  },
  "committer": {
    "name": "Michael S. Tsirkin",
    "email": "mst@redhat.com",
    "time": "Wed May 07 19:14:57 2014 +0300"
  },
  "message": "MAINTAINERS: addresses for responsible disclosure\n\nAdding addresses to MAINTAINERS, as agreed on the last conference call:\n\nhttp://wiki.qemu.org/SecurityProcess\n\nPeople sometimes detect security issues in upstream\nQEMU and don\u0027t know where to report them in a non-public way.\nOf course whoever just wants full disclosure can just go public,\nbut there\u0027s nothing specified for non-public - until recently Anthony\nwas doing this informally.\n\nAs I started doing this recently anyway, I can handle this on the QEMU side\nin a more formal way.\n\nAdding a secalert mailing list as well - they are the ones who is actually\nopening CVEs, communicating issues to all downstreams etc,\nand they are already handling this for upstream, not just Red Hat.\n\nKeeping Anthony\u0027s address around in case he wants to be informed.\n\nPeter Maydell said that he prefers not to be on this contact list at\nthis point.\n\nA public mailing list has been created - not listing it here yet -\nuntil we know how to set it up in a secure fashion and\nuntil there are more people so manually copying everyone\nbecomes unwieldy for reporters.\n\nSigned-off-by: Michael S. Tsirkin \u003cmst@redhat.com\u003e\n",
  "tree_diff": [
    {
      "type": "modify",
      "old_id": "b287ef893918730cedc0081eceef201d3aa909da",
      "old_mode": 33188,
      "old_path": "MAINTAINERS",
      "new_id": "3f1ad121df38872d102480520e4adca9ecc08d24",
      "new_mode": 33188,
      "new_path": "MAINTAINERS"
    }
  ]
}