Difference between revisions of "Security"

From fd.io
Jump to: navigation, search
(add security response team and link to advisories page)
m (fix link to vulnerability management document)
Line 5: Line 5:
 
Anyone can post to this list. The subscribers are only trusted individuals who will handle the resolution of any reported security issues in confidence. In your report, please note how you would like to be credited for discovering the issue and the details of any embargo you would like to impose.
 
Anyone can post to this list. The subscribers are only trusted individuals who will handle the resolution of any reported security issues in confidence. In your report, please note how you would like to be credited for discovering the issue and the details of any embargo you would like to impose.
  
The fd.io vulnerability management process is [[TSC:Vulnerability Management Process| documented here]].
+
The fd.io vulnerability management process is [[TSC:Vulnerability Management| documented here]].
  
 
== Security Response Team ==
 
== Security Response Team ==

Revision as of 00:46, 30 August 2016

Reporting Security Issues

Please report any security issues you find in fd.io to: security@lists.fd.io.

Anyone can post to this list. The subscribers are only trusted individuals who will handle the resolution of any reported security issues in confidence. In your report, please note how you would like to be credited for discovering the issue and the details of any embargo you would like to impose.

The fd.io vulnerability management process is documented here.

Security Response Team

At the August, 25th 2016 TSC meeting, the TSC approved the security response team charter and initial membership:

  • David Jorm (elected chair)
  • Ed Warnicke
  • Jim Thompson
  • Dave Wallace
  • Mathieu Lemay

The team can be reached at the above private security mailing list.

Security advisories

The security advisories page lists all security vulnerabilities fixed in fd.io.