Re: [Xen-devel] [PATCH governance.git] Make Security Policy Doc ready to become a CNA
On 10/04/2018, 09:12, "Juergen Gross"wrote: On 09/04/18 17:02, Lars Kurth wrote: > Note: this time with html disabled > > To become a CNA, we need to more clearly specifiy the scope of > security support. This change updates the document and points > to SUPPORT.md and pages generated from SUPPORT.md > > Also fixed a typo in the following paragraph. > > Signed-off-by: Lars Kurth > --- > security-policy.pandoc | 12 ++-- > 1 file changed, 10 insertions(+), 2 deletions(-) > > diff --git a/security-policy.pandoc b/security-policy.pandoc > index 5783183..6796220 100644 > --- a/security-policy.pandoc > +++ b/security-policy.pandoc > @@ -19,7 +19,15 @@ Scope of this process > This process primarily covers the [Xen Hypervisor > Project](index.php?option=com_content=article=82:xen-hypervisor=80:developers=484). > -Vulnerabilties reported against other Xen Project teams will be handled on a > +Specific information about features with security support can be found in > + > +1. [SUPPORT.md](http://xenbits.xen.org/gitweb/?p=xen.git;a=blob;f=SUPPORT.md) > +in the releases' tar ball and its xen.git tree and on > +[web pages generated from the SUPPORT.md file](http://xenbits.xenproject.org/docs/support/) > +2. For releases that do not contain SUPPORT.md, this information can be found > +on the [Release Feature wiki page](https://wiki.xenproject.org/wiki/Xen_Project_Release_Features) > + > +Vulnerabilities reported against other Xen Project teams will be handled on a > best effort basis by the relevant Project Lead together with the Security > Response Team. > @@ -401,7 +409,7 @@ Change History > -- > > - > +- **v3.18 April 9th 2017:** Added reference to SUPPORT.md ^ 2018? Oh, yes. Will fix when I commit, as I will fix the exact date then anyway. I don’t think I need another review cycle for this one issue Lars ___ Xen-devel mailing list Xen-devel@lists.xenproject.org https://lists.xenproject.org/mailman/listinfo/xen-devel
Re: [Xen-devel] [PATCH governance.git] Make Security Policy Doc ready to become a CNA
On 09/04/18 17:02, Lars Kurth wrote: > Note: this time with html disabled > > To become a CNA, we need to more clearly specifiy the scope of > security support. This change updates the document and points > to SUPPORT.md and pages generated from SUPPORT.md > > Also fixed a typo in the following paragraph. > > Signed-off-by: Lars Kurth> --- > security-policy.pandoc | 12 ++-- > 1 file changed, 10 insertions(+), 2 deletions(-) > > diff --git a/security-policy.pandoc b/security-policy.pandoc > index 5783183..6796220 100644 > --- a/security-policy.pandoc > +++ b/security-policy.pandoc > @@ -19,7 +19,15 @@ Scope of this process > This process primarily covers the [Xen Hypervisor > Project](index.php?option=com_content=article=82:xen-hypervisor=80:developers=484). > -Vulnerabilties reported against other Xen Project teams will be handled on a > +Specific information about features with security support can be found in > + > +1. > [SUPPORT.md](http://xenbits.xen.org/gitweb/?p=xen.git;a=blob;f=SUPPORT.md) > + in the releases' tar ball and its xen.git tree and on > + [web pages generated from the SUPPORT.md > file](http://xenbits.xenproject.org/docs/support/) > +2. For releases that do not contain SUPPORT.md, this information can be > found > + on the [Release Feature wiki > page](https://wiki.xenproject.org/wiki/Xen_Project_Release_Features) > + > +Vulnerabilities reported against other Xen Project teams will be handled on a > best effort basis by the relevant Project Lead together with the Security > Response Team. > @@ -401,7 +409,7 @@ Change History > -- > > - > +- **v3.18 April 9th 2017:** Added reference to SUPPORT.md ^ 2018? Juergen ___ Xen-devel mailing list Xen-devel@lists.xenproject.org https://lists.xenproject.org/mailman/listinfo/xen-devel
Re: [Xen-devel] [PATCH governance.git] Make Security Policy Doc ready to become a CNA
Note: this time with html disabled To become a CNA, we need to more clearly specifiy the scope of security support. This change updates the document and points to SUPPORT.md and pages generated from SUPPORT.md Also fixed a typo in the following paragraph. Signed-off-by: Lars Kurth--- security-policy.pandoc | 12 ++-- 1 file changed, 10 insertions(+), 2 deletions(-) diff --git a/security-policy.pandoc b/security-policy.pandoc index 5783183..6796220 100644 --- a/security-policy.pandoc +++ b/security-policy.pandoc @@ -19,7 +19,15 @@ Scope of this process This process primarily covers the [Xen Hypervisor Project](index.php?option=com_content=article=82:xen-hypervisor=80:developers=484). -Vulnerabilties reported against other Xen Project teams will be handled on a +Specific information about features with security support can be found in + +1. [SUPPORT.md](http://xenbits.xen.org/gitweb/?p=xen.git;a=blob;f=SUPPORT.md) + in the releases' tar ball and its xen.git tree and on + [web pages generated from the SUPPORT.md file](http://xenbits.xenproject.org/docs/support/) +2. For releases that do not contain SUPPORT.md, this information can be found + on the [Release Feature wiki page](https://wiki.xenproject.org/wiki/Xen_Project_Release_Features) + +Vulnerabilities reported against other Xen Project teams will be handled on a best effort basis by the relevant Project Lead together with the Security Response Team. @@ -401,7 +409,7 @@ Change History -- - +- **v3.18 April 9th 2017:** Added reference to SUPPORT.md - **v3.17 July 20th 2017:** Added Zynstra - **v3.16 April 21st 2017:** Added HostPapa - **v3.15 March 21st 2017:** Added CloudVPS (Feb 13) and BitDefender SRL -- 2.13.0 ___ Xen-devel mailing list Xen-devel@lists.xenproject.org https://lists.xenproject.org/mailman/listinfo/xen-devel