Re: [Xen-devel] [PATCH governance.git] Make Security Policy Doc ready to become a CNA

[Lars Kurth]

On 10/04/2018, 09:12, "Juergen Gross"  wrote:

On 09/04/18 17:02, Lars Kurth wrote:
> Note: this time with html disabled
> 
> To become a CNA, we need to more clearly specifiy the scope of
> security support. This change updates the document and points
> to SUPPORT.md and pages generated from SUPPORT.md
>  
> Also fixed a typo in the following paragraph.
>  
> Signed-off-by: Lars Kurth 
> ---
> security-policy.pandoc | 12 ++--
> 1 file changed, 10 insertions(+), 2 deletions(-)
>  
> diff --git a/security-policy.pandoc b/security-policy.pandoc
> index 5783183..6796220 100644
> --- a/security-policy.pandoc
> +++ b/security-policy.pandoc
> @@ -19,7 +19,15 @@ Scope of this process
>  This process primarily covers the [Xen Hypervisor
> 
Project](index.php?option=com_content=article=82:xen-hypervisor=80:developers=484).
> -Vulnerabilties reported against other Xen Project teams will be handled 
on a
> +Specific information about features with security support can be found in
> +
> +1.  
[SUPPORT.md](http://xenbits.xen.org/gitweb/?p=xen.git;a=blob;f=SUPPORT.md)
> +in the releases' tar ball and its xen.git tree and on
> +[web pages generated from the SUPPORT.md 
file](http://xenbits.xenproject.org/docs/support/)
> +2.  For releases that do not contain SUPPORT.md, this information can be 
found
> +on the [Release Feature wiki 
page](https://wiki.xenproject.org/wiki/Xen_Project_Release_Features)
> +
> +Vulnerabilities reported against other Xen Project teams will be handled 
on a
> best effort basis by the relevant Project Lead together with the Security
> Response Team.
> @@ -401,7 +409,7 @@ Change History
> --
>  
> -
> +-   **v3.18 April 9th 2017:** Added reference to SUPPORT.md

 ^ 2018?

Oh, yes. Will fix when I commit, as I will fix the exact date then anyway. I 
don’t think I need another review cycle for this one issue
Lars
 

___
Xen-devel mailing list
Xen-devel@lists.xenproject.org
https://lists.xenproject.org/mailman/listinfo/xen-devel

Re: [Xen-devel] [PATCH governance.git] Make Security Policy Doc ready to become a CNA

[Juergen Gross]

On 09/04/18 17:02, Lars Kurth wrote:
> Note: this time with html disabled
> 
> To become a CNA, we need to more clearly specifiy the scope of
> security support. This change updates the document and points
> to SUPPORT.md and pages generated from SUPPORT.md
>  
> Also fixed a typo in the following paragraph.
>  
> Signed-off-by: Lars Kurth 
> ---
> security-policy.pandoc | 12 ++--
> 1 file changed, 10 insertions(+), 2 deletions(-)
>  
> diff --git a/security-policy.pandoc b/security-policy.pandoc
> index 5783183..6796220 100644
> --- a/security-policy.pandoc
> +++ b/security-policy.pandoc
> @@ -19,7 +19,15 @@ Scope of this process
>  This process primarily covers the [Xen Hypervisor
> Project](index.php?option=com_content=article=82:xen-hypervisor=80:developers=484).
> -Vulnerabilties reported against other Xen Project teams will be handled on a
> +Specific information about features with security support can be found in
> +
> +1.  
> [SUPPORT.md](http://xenbits.xen.org/gitweb/?p=xen.git;a=blob;f=SUPPORT.md)
> +    in the releases' tar ball and its xen.git tree and on
> +    [web pages generated from the SUPPORT.md 
> file](http://xenbits.xenproject.org/docs/support/)
> +2.  For releases that do not contain SUPPORT.md, this information can be 
> found
> +    on the [Release Feature wiki 
> page](https://wiki.xenproject.org/wiki/Xen_Project_Release_Features)
> +
> +Vulnerabilities reported against other Xen Project teams will be handled on a
> best effort basis by the relevant Project Lead together with the Security
> Response Team.
> @@ -401,7 +409,7 @@ Change History
> --
>  
> -
> +-   **v3.18 April 9th 2017:** Added reference to SUPPORT.md

 ^ 2018?

Juergen

___
Xen-devel mailing list
Xen-devel@lists.xenproject.org
https://lists.xenproject.org/mailman/listinfo/xen-devel

Re: [Xen-devel] [PATCH governance.git] Make Security Policy Doc ready to become a CNA

[Lars Kurth]

Note: this time with html disabled

To become a CNA, we need to more clearly specifiy the scope of
security support. This change updates the document and points
to SUPPORT.md and pages generated from SUPPORT.md
 
Also fixed a typo in the following paragraph.
 
Signed-off-by: Lars Kurth 
---
security-policy.pandoc | 12 ++--
1 file changed, 10 insertions(+), 2 deletions(-)
 
diff --git a/security-policy.pandoc b/security-policy.pandoc
index 5783183..6796220 100644
--- a/security-policy.pandoc
+++ b/security-policy.pandoc
@@ -19,7 +19,15 @@ Scope of this process
 This process primarily covers the [Xen Hypervisor
Project](index.php?option=com_content=article=82:xen-hypervisor=80:developers=484).
-Vulnerabilties reported against other Xen Project teams will be handled on a
+Specific information about features with security support can be found in
+
+1.  [SUPPORT.md](http://xenbits.xen.org/gitweb/?p=xen.git;a=blob;f=SUPPORT.md)
+    in the releases' tar ball and its xen.git tree and on
+    [web pages generated from the SUPPORT.md 
file](http://xenbits.xenproject.org/docs/support/)
+2.  For releases that do not contain SUPPORT.md, this information can be found
+    on the [Release Feature wiki 
page](https://wiki.xenproject.org/wiki/Xen_Project_Release_Features)
+
+Vulnerabilities reported against other Xen Project teams will be handled on a
best effort basis by the relevant Project Lead together with the Security
Response Team.
@@ -401,7 +409,7 @@ Change History
--
 
-
+-   **v3.18 April 9th 2017:** Added reference to SUPPORT.md
-   **v3.17 July 20th 2017:** Added Zynstra
-   **v3.16 April 21st 2017:** Added HostPapa
-   **v3.15 March 21st 2017:** Added CloudVPS (Feb 13) and BitDefender SRL
-- 
2.13.0
 

___
Xen-devel mailing list
Xen-devel@lists.xenproject.org
https://lists.xenproject.org/mailman/listinfo/xen-devel