[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-devel] [PATCH governance.git] Make Security Policy Doc ready to become a CNA

Note: this time with html disabled

To become a CNA, we need to more clearly specifiy the scope of
security support. This change updates the document and points
to SUPPORT.md and pages generated from SUPPORT.md
Also fixed a typo in the following paragraph.
Signed-off-by: Lars Kurth <lars.kurth@xxxxxxxxxx>
security-policy.pandoc | 12 ++++++++++--
1 file changed, 10 insertions(+), 2 deletions(-)
diff --git a/security-policy.pandoc b/security-policy.pandoc
index 5783183..6796220 100644
--- a/security-policy.pandoc
+++ b/security-policy.pandoc
@@ -19,7 +19,15 @@ Scope of this process
 This process primarily covers the [Xen Hypervisor
-Vulnerabilties reported against other Xen Project teams will be handled on a
+Specific information about features with security support can be found in
+1.  [SUPPORT.md](http://xenbits.xen.org/gitweb/?p=xen.git;a=blob;f=SUPPORT.md)
+    in the releases' tar ball and its xen.git tree and on
+    [web pages generated from the SUPPORT.md 
+2.  For releases that do not contain SUPPORT.md, this information can be found
+    on the [Release Feature wiki 
+Vulnerabilities reported against other Xen Project teams will be handled on a
best effort basis by the relevant Project Lead together with the Security
Response Team.
@@ -401,7 +409,7 @@ Change History
 <div class="box-note">
+-   **v3.18 April 9th 2017:** Added reference to SUPPORT.md
-   **v3.17 July 20th 2017:** Added Zynstra
-   **v3.16 April 21st 2017:** Added HostPapa
-   **v3.15 March 21st 2017:** Added CloudVPS (Feb 13) and BitDefender SRL

Xen-devel mailing list



Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.