(pulsar-java-contrib) 12/15: [Init] Add SECURITY.md

Tue, 20 Aug 2024 06:06:09 -0700 

This is an automated email from the ASF dual-hosted git repository.

xiangying pushed a commit to branch stable
in repository https://gitbox.apache.org/repos/asf/pulsar-java-contrib.git

commit a95c6127d09b6258c797f551958add9672b0050e
Author: xiangying <[email protected]>
AuthorDate: Tue Jul 30 00:24:00 2024 +0800

    [Init] Add SECURITY.md
---
 SECURITY.md | 23 +++++++++++++++++++++++
 1 file changed, 23 insertions(+)

diff --git a/SECURITY.md b/SECURITY.md
new file mode 100644
index 0000000..b23c7ef
--- /dev/null
+++ b/SECURITY.md
@@ -0,0 +1,23 @@
+# Security
+
+## Security Policy
+
+This Project follows the ASF [security vulnerability handling 
process](https://apache.org/security/#vulnerability-handling).
+
+To report a new vulnerability you have discovered, please follow the [ASF 
security vulnerability reporting 
process](https://apache.org/security/#reporting-a-vulnerability). To report a 
vulnerability for Pulsar, contact the [Apache Security 
Team](https://www.apache.org/security/). When reporting a vulnerability to 
[[email protected]](mailto:[email protected]), you can copy your email to 
[[email protected]](mailto:[email protected]) to send your 
report to the Apache Pul [...]
+
+It is the responsibility of the security vulnerability handling project team 
(Apache Pulsar PMC in most cases) to make public security vulnerability 
announcements. You can follow announcements on the 
[[email protected]](mailto:[email protected]) mailing list. For 
instructions on how to subscribe, please see https://pulsar.apache.org/contact/.
+
+## Security advisories
+
+This section lists known vulnerabilities and their resolutions. We update this 
list regularly to keep our users informed about the security status of the 
project.
+
+### 2024
+
+| Vulnerability ID | Description | Severity | Resolution | CVE (if applicable) 
|
+|-------------------|-------------|----------|------------|----------------------|
+| CVE-YYYY-XXXXX    | Brief description of the vulnerability | High/Medium/Low 
| Details of the fix and mitigation steps | CVE identifier |
+| ...               | ...         | ...      | ...        | ...                
  |
+
+Please check back regularly for updates on known vulnerabilities and their 
resolutions.
+

Reply via email to