lhotari commented on code in PR #2:
URL: https://github.com/apache/pulsar-java-contrib/pull/2#discussion_r1724449876


##########
SECURITY.md:
##########
@@ -0,0 +1,23 @@
+# Security
+
+## Security Policy
+
+This Project follows the ASF [security vulnerability handling 
process](https://apache.org/security/#vulnerability-handling).
+
+To report a new vulnerability you have discovered, please follow the [ASF 
security vulnerability reporting 
process](https://apache.org/security/#reporting-a-vulnerability). To report a 
vulnerability for Pulsar, contact the [Apache Security 
Team](https://www.apache.org/security/). When reporting a vulnerability to 
[[email protected]](mailto:[email protected]), you can copy your email to 
[[email protected]](mailto:[email protected]) to send your 
report to the Apache Pulsar Project Management Committee. This is a private 
mailing list.
+
+It is the responsibility of the security vulnerability handling project team 
(Apache Pulsar PMC in most cases) to make public security vulnerability 
announcements. You can follow announcements on the 
[[email protected]](mailto:[email protected]) mailing list. For 
instructions on how to subscribe, please see https://pulsar.apache.org/contact/.
+
+## Security advisories
+
+This section lists known vulnerabilities and their resolutions. We update this 
list regularly to keep our users informed about the security status of the 
project.
+
+### 2024
+
+| Vulnerability ID | Description | Severity | Resolution | CVE (if applicable) 
|
+|-------------------|-------------|----------|------------|----------------------|
+| CVE-YYYY-XXXXX    | Brief description of the vulnerability | High/Medium/Low 
| Details of the fix and mitigation steps | CVE identifier |
+| ...               | ...         | ...      | ...        | ...                
  |
+
+Please check back regularly for updates on known vulnerabilities and their 
resolutions.
+
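
Review bot: The advisory table under "### 2024" holds only template rows (`CVE-YYYY-XXXXX`, `...`), while the paragraph above it promises a regularly updated list of known vulnerabilities, so a reader cannot tell whether no advisories exist or the table was never filled in. Either drop the "Security advisories" section until there is a real entry or state explicitly that none have been published. Also merge the "Vulnerability ID" and "CVE (if applicable)" columns, since the sample row carries the CVE identifier in both.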

Review Comment:
   This should be replaced with similar content as there is in apache/pulsar
   ```suggestion
   # Security Policy
   
   See https://pulsar.apache.org/security/.
   ```



-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.