Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Define a security process #1035

Closed
D4N opened this issue Oct 11, 2019 · 2 comments
Closed

Define a security process #1035

D4N opened this issue Oct 11, 2019 · 2 comments
Assignees
@clanmills
Milestone
v0.27.4

Comments

@D4N
Copy link
Member

D4N commented Oct 11, 2019

Originally posted by @cryptomilk in #1018 (comment)

For fuzzing and also security related fixes it is important to have the process documented. You can use: https://www.libssh.org/development/security-process/

Write down which versions you support and communicate that. Example: https://wiki.samba.org/index.php/Samba_Release_Planning

This way you can always point people to your processes. The smaller the team the less versions you should have in maintenance mode.

I hope that helps.
@D4N D4N mentioned this issue Oct 11, 2019
Open
@cryptomilk
Copy link
Collaborator

Also get CVEs through the Red Hat Security team, they also assist if something is considered a security issue or not.

@clanmills clanmills self-assigned this Apr 12, 2021
@clanmills clanmills added this to the v0.27.4 milestone Apr 12, 2021
@clanmills
Copy link
Collaborator

Done: #1122.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@clanmills clanmills

Labels
None yet
Projects
None yet
Milestone
v0.27.4
Development

No branches or pull requests
3 participants
@clanmills @cryptomilk @D4N