Updated Branches: refs/heads/trunk 24b1d75b8 -> beec33c4f
docs: Add security section. Project: http://git-wip-us.apache.org/repos/asf/libcloud/repo Commit: http://git-wip-us.apache.org/repos/asf/libcloud/commit/b3df2b24 Tree: http://git-wip-us.apache.org/repos/asf/libcloud/tree/b3df2b24 Diff: http://git-wip-us.apache.org/repos/asf/libcloud/diff/b3df2b24 Branch: refs/heads/trunk Commit: b3df2b2439e87f96f95be8e763dd64b7211db430 Parents: 24b1d75 Author: Tomaz Muraus <[email protected]> Authored: Tue Oct 29 22:45:51 2013 +0100 Committer: Tomaz Muraus <[email protected]> Committed: Tue Oct 29 22:45:51 2013 +0100 ---------------------------------------------------------------------- docs/index.rst | 9 +++++++++ docs/security.rst | 28 ++++++++++++++++++++++++++++ 2 files changed, 37 insertions(+) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/libcloud/blob/b3df2b24/docs/index.rst ---------------------------------------------------------------------- diff --git a/docs/index.rst b/docs/index.rst index c9df0de..71a5358 100644 --- a/docs/index.rst +++ b/docs/index.rst @@ -60,6 +60,15 @@ Committer Guide committer_guide +Other +----- + +.. toctree:: + :glob: + :maxdepth: 3 + + security + .. note:: Unless noted otherwise, all of the examples and code snippters in the http://git-wip-us.apache.org/repos/asf/libcloud/blob/b3df2b24/docs/security.rst ---------------------------------------------------------------------- diff --git a/docs/security.rst b/docs/security.rst new file mode 100644 index 0000000..222eb16 --- /dev/null +++ b/docs/security.rst @@ -0,0 +1,28 @@ +Security +======== + +.. _security: + +Reporting a vulnerability +------------------------- + +.. note:: + + Please do **not** report security issues using our public JIRA instance. Use + the private mailing list described bellow. + +If you believe you found a security issue or a vulnerability, please send a +description of it to our private mailing list at [email protected] + +You are also encouraged to encrypt this email using PGP. Keys of our developers +can be found at https://www.apache.org/dist/libcloud/KEYS. + +Once you've submitted an issue, you should receive an acknowledgment from one +our of team members in 48 hours or less. If further action is necessary, you +may receive additional follow-up emails. + +How are vulnerabilities handled? +-------------------------------- + +We follow a standard Apache Software Foundation vulnerability handling process +which is described at http://www.apache.org/security/committers.html#vulnerability-handling
