* Re: [PATCH governance.git] Make Security Policy Doc ready to become a CNA
@ 2018-04-09 15:02 Lars Kurth
2018-04-10 8:12 ` Juergen Gross
0 siblings, 1 reply; 4+ messages in thread
From: Lars Kurth @ 2018-04-09 15:02 UTC (permalink / raw)
To: xen-devel; +Cc: Ian Jackson, committers, security
Note: this time with html disabled
To become a CNA, we need to more clearly specifiy the scope of
security support. This change updates the document and points
to SUPPORT.md and pages generated from SUPPORT.md
Also fixed a typo in the following paragraph.
Signed-off-by: Lars Kurth <lars.kurth@citrix.com>
---
security-policy.pandoc | 12 ++++++++++--
1 file changed, 10 insertions(+), 2 deletions(-)
diff --git a/security-policy.pandoc b/security-policy.pandoc
index 5783183..6796220 100644
--- a/security-policy.pandoc
+++ b/security-policy.pandoc
@@ -19,7 +19,15 @@ Scope of this process
This process primarily covers the [Xen Hypervisor
Project](index.php?option=com_content&view=article&id=82:xen-hypervisor&catid=80:developers&Itemid=484).
-Vulnerabilties reported against other Xen Project teams will be handled on a
+Specific information about features with security support can be found in
+
+1. [SUPPORT.md](http://xenbits.xen.org/gitweb/?p=xen.git;a=blob;f=SUPPORT.md)
+ in the releases' tar ball and its xen.git tree and on
+ [web pages generated from the SUPPORT.md file](http://xenbits.xenproject.org/docs/support/)
+2. For releases that do not contain SUPPORT.md, this information can be found
+ on the [Release Feature wiki page](https://wiki.xenproject.org/wiki/Xen_Project_Release_Features)
+
+Vulnerabilities reported against other Xen Project teams will be handled on a
best effort basis by the relevant Project Lead together with the Security
Response Team.
@@ -401,7 +409,7 @@ Change History
--------------
<div class="box-note">
-
+- **v3.18 April 9th 2017:** Added reference to SUPPORT.md
- **v3.17 July 20th 2017:** Added Zynstra
- **v3.16 April 21st 2017:** Added HostPapa
- **v3.15 March 21st 2017:** Added CloudVPS (Feb 13) and BitDefender SRL
--
2.13.0
_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xenproject.org
https://lists.xenproject.org/mailman/listinfo/xen-devel
^ permalink raw reply related [flat|nested] 4+ messages in thread
* Re: [PATCH governance.git] Make Security Policy Doc ready to become a CNA
2018-04-09 15:02 [PATCH governance.git] Make Security Policy Doc ready to become a CNA Lars Kurth
@ 2018-04-10 8:12 ` Juergen Gross
2018-04-10 12:26 ` Lars Kurth
0 siblings, 1 reply; 4+ messages in thread
From: Juergen Gross @ 2018-04-10 8:12 UTC (permalink / raw)
To: Lars Kurth, xen-devel; +Cc: Ian Jackson, committers, security
On 09/04/18 17:02, Lars Kurth wrote:
> Note: this time with html disabled
>
> To become a CNA, we need to more clearly specifiy the scope of
> security support. This change updates the document and points
> to SUPPORT.md and pages generated from SUPPORT.md
>
> Also fixed a typo in the following paragraph.
>
> Signed-off-by: Lars Kurth <lars.kurth@citrix.com>
> ---
> security-policy.pandoc | 12 ++++++++++--
> 1 file changed, 10 insertions(+), 2 deletions(-)
>
> diff --git a/security-policy.pandoc b/security-policy.pandoc
> index 5783183..6796220 100644
> --- a/security-policy.pandoc
> +++ b/security-policy.pandoc
> @@ -19,7 +19,15 @@ Scope of this process
> This process primarily covers the [Xen Hypervisor
> Project](index.php?option=com_content&view=article&id=82:xen-hypervisor&catid=80:developers&Itemid=484).
> -Vulnerabilties reported against other Xen Project teams will be handled on a
> +Specific information about features with security support can be found in
> +
> +1. [SUPPORT.md](http://xenbits.xen.org/gitweb/?p=xen.git;a=blob;f=SUPPORT.md)
> + in the releases' tar ball and its xen.git tree and on
> + [web pages generated from the SUPPORT.md file](http://xenbits.xenproject.org/docs/support/)
> +2. For releases that do not contain SUPPORT.md, this information can be found
> + on the [Release Feature wiki page](https://wiki.xenproject.org/wiki/Xen_Project_Release_Features)
> +
> +Vulnerabilities reported against other Xen Project teams will be handled on a
> best effort basis by the relevant Project Lead together with the Security
> Response Team.
> @@ -401,7 +409,7 @@ Change History
> --------------
> <div class="box-note">
> -
> +- **v3.18 April 9th 2017:** Added reference to SUPPORT.md
^ 2018?
Juergen
_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xenproject.org
https://lists.xenproject.org/mailman/listinfo/xen-devel
^ permalink raw reply [flat|nested] 4+ messages in thread* Re: [PATCH governance.git] Make Security Policy Doc ready to become a CNA
2018-04-10 8:12 ` Juergen Gross
@ 2018-04-10 12:26 ` Lars Kurth
0 siblings, 0 replies; 4+ messages in thread
From: Lars Kurth @ 2018-04-10 12:26 UTC (permalink / raw)
To: Juergen Gross, xen-devel; +Cc: Ian Jackson, committers, security
On 10/04/2018, 09:12, "Juergen Gross" <jgross@suse.com> wrote:
On 09/04/18 17:02, Lars Kurth wrote:
> Note: this time with html disabled
>
> To become a CNA, we need to more clearly specifiy the scope of
> security support. This change updates the document and points
> to SUPPORT.md and pages generated from SUPPORT.md
>
> Also fixed a typo in the following paragraph.
>
> Signed-off-by: Lars Kurth <lars.kurth@citrix.com>
> ---
> security-policy.pandoc | 12 ++++++++++--
> 1 file changed, 10 insertions(+), 2 deletions(-)
>
> diff --git a/security-policy.pandoc b/security-policy.pandoc
> index 5783183..6796220 100644
> --- a/security-policy.pandoc
> +++ b/security-policy.pandoc
> @@ -19,7 +19,15 @@ Scope of this process
> This process primarily covers the [Xen Hypervisor
> Project](index.php?option=com_content&view=article&id=82:xen-hypervisor&catid=80:developers&Itemid=484).
> -Vulnerabilties reported against other Xen Project teams will be handled on a
> +Specific information about features with security support can be found in
> +
> +1. [SUPPORT.md](http://xenbits.xen.org/gitweb/?p=xen.git;a=blob;f=SUPPORT.md)
> + in the releases' tar ball and its xen.git tree and on
> + [web pages generated from the SUPPORT.md file](http://xenbits.xenproject.org/docs/support/)
> +2. For releases that do not contain SUPPORT.md, this information can be found
> + on the [Release Feature wiki page](https://wiki.xenproject.org/wiki/Xen_Project_Release_Features)
> +
> +Vulnerabilities reported against other Xen Project teams will be handled on a
> best effort basis by the relevant Project Lead together with the Security
> Response Team.
> @@ -401,7 +409,7 @@ Change History
> --------------
> <div class="box-note">
> -
> +- **v3.18 April 9th 2017:** Added reference to SUPPORT.md
^ 2018?
Oh, yes. Will fix when I commit, as I will fix the exact date then anyway. I don’t think I need another review cycle for this one issue
Lars
_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xenproject.org
https://lists.xenproject.org/mailman/listinfo/xen-devel
^ permalink raw reply [flat|nested] 4+ messages in thread
* [PATCH governance.git] Make Security Policy Doc ready to become a CNA
@ 2018-04-09 14:59 Lars Kurth
0 siblings, 0 replies; 4+ messages in thread
From: Lars Kurth @ 2018-04-09 14:59 UTC (permalink / raw)
To: xen-devel; +Cc: Ian Jackson, committers, security
[-- Attachment #1.1: Type: text/plain, Size: 1812 bytes --]
To become a CNA, we need to more clearly specifiy the scope of
security support. This change updates the document and points
to SUPPORT.md and pages generated from SUPPORT.md
Also fixed a typo in the following paragraph.
Signed-off-by: Lars Kurth <lars.kurth@citrix.com>
---
security-policy.pandoc | 12 ++++++++++--
1 file changed, 10 insertions(+), 2 deletions(-)
diff --git a/security-policy.pandoc b/security-policy.pandoc
index 5783183..6796220 100644
--- a/security-policy.pandoc
+++ b/security-policy.pandoc
@@ -19,7 +19,15 @@ Scope of this process
This process primarily covers the [Xen Hypervisor
Project](index.php?option=com_content&view=article&id=82:xen-hypervisor&catid=80:developers&Itemid=484).
-Vulnerabilties reported against other Xen Project teams will be handled on a
+Specific information about features with security support can be found in
+
+1. [SUPPORT.md](http://xenbits.xen.org/gitweb/?p=xen.git;a=blob;f=SUPPORT.md)
+ in the releases' tar ball and its xen.git tree and on
+ [web pages generated from the SUPPORT.md file](http://xenbits.xenproject.org/docs/support/)
+2. For releases that do not contain SUPPORT.md, this information can be found
+ on the [Release Feature wiki page](https://wiki.xenproject.org/wiki/Xen_Project_Release_Features)
+
+Vulnerabilities reported against other Xen Project teams will be handled on a
best effort basis by the relevant Project Lead together with the Security
Response Team.
@@ -401,7 +409,7 @@ Change History
--------------
<div class="box-note">
-
+- **v3.18 April 9th 2017:** Added reference to SUPPORT.md
- **v3.17 July 20th 2017:** Added Zynstra
- **v3.16 April 21st 2017:** Added HostPapa
- **v3.15 March 21st 2017:** Added CloudVPS (Feb 13) and BitDefender SRL
--
2.13.0
[-- Attachment #1.2: Type: text/html, Size: 6721 bytes --]
[-- Attachment #2: Type: text/plain, Size: 157 bytes --]
_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xenproject.org
https://lists.xenproject.org/mailman/listinfo/xen-devel
^ permalink raw reply related [flat|nested] 4+ messages in thread
end of thread, other threads:[~2018-04-10 12:26 UTC | newest]
Thread overview: 4+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2018-04-09 15:02 [PATCH governance.git] Make Security Policy Doc ready to become a CNA Lars Kurth
2018-04-10 8:12 ` Juergen Gross
2018-04-10 12:26 ` Lars Kurth
-- strict thread matches above, loose matches on Subject: below --
2018-04-09 14:59 Lars Kurth
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.