The TSC approved the SECCOM plan for projects to remediate known vulnerabilities in third party packages by upgrading direct dependencies to the latest version. The full description of the plan can be found at Remediating Known Vulnerabilities in Third Party Packages<https://wiki.onap.org/display/DW/Remediating+Known+Vulnerabilities+in+Third+Party+Packages>. Pierre Close is working on a script to automatically generate Jira tickets for the package upgrades for M2.
Amy Zwarico, LMTS Chief Security Office / Platform Security AT&T Services (205) 613-1667 -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#19693): https://lists.onap.org/g/onap-discuss/message/19693 Mute This Topic: https://lists.onap.org/mt/68849856/21656 Group Owner: [email protected] Unsubscribe: https://lists.onap.org/g/onap-discuss/unsub [[email protected]] -=-=-=-=-=-=-=-=-=-=-=-
