* OpenBMC security workgroup status
@ 2018-07-10 2:20 Joseph Reynolds
2018-07-11 3:19 ` Andrew Jeffery
0 siblings, 1 reply; 2+ messages in thread
From: Joseph Reynolds @ 2018-07-10 2:20 UTC (permalink / raw)
To: openbmc
[-- Attachment #1: Type: text/plain, Size: 639 bytes --]
Here is the OpenBMC security work group status.
The OpenBMC security work has been partitioned into four areas:
hardware, firmware (Linux, phosphor, etc.), OpenBMC development
activity, and downstream development. Reviews are out for three areas;
see https://gerrit.openbmc-project.xyz/#/c/11120/ and 11164. Work to
sketch out firmware security topics is beginning. We are also beginning
to look at topics such as release planning and how to handle security
flaws. For more details, see the group’s agenda and minutes at
https://docs.google.com/document/d/1b7x9BaxsfcukQDqbvZsU2ehMq4xoJRQvLxxsDUWmAOI.
- Joseph Reynolds
[-- Attachment #2: Type: text/html, Size: 1444 bytes --]
^ permalink raw reply [flat|nested] 2+ messages in thread
* Re: OpenBMC security workgroup status
2018-07-10 2:20 OpenBMC security workgroup status Joseph Reynolds
@ 2018-07-11 3:19 ` Andrew Jeffery
0 siblings, 0 replies; 2+ messages in thread
From: Andrew Jeffery @ 2018-07-11 3:19 UTC (permalink / raw)
To: Joseph Reynolds, openbmc; +Cc: James Mihm, bradleyb
On Tue, 10 Jul 2018, at 11:50, Joseph Reynolds wrote:
> Here is the OpenBMC security work group status.
>
> The OpenBMC security work has been partitioned into four areas:
> hardware, firmware (Linux, phosphor, etc.), OpenBMC development
> activity, and downstream development. Reviews are out for three areas;
> see https://gerrit.openbmc-project.xyz/#/c/11120/ and 11164. Work to
> sketch out firmware security topics is beginning. We are also beginning
> to look at topics such as release planning and how to handle security
> flaws. For more details, see the group’s agenda and minutes at
> https://docs.google.com/document/d/1b7x9BaxsfcukQDqbvZsU2ehMq4xoJRQvLxxsDUWmAOI.
What's the short-term strategy for handling vulnerability reports received in the gap between now and getting some formal process in place?
^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2018-07-11 3:19 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2018-07-10 2:20 OpenBMC security workgroup status Joseph Reynolds
2018-07-11 3:19 ` Andrew Jeffery
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.