Xen project Mailing List

Re: [Xen-devel] [PATCH governance.git] Make Security Policy Doc ready to become a CNA

To: xen-devel <xen-devel@xxxxxxxxxxxxxxxxxxxx>

From: Lars Kurth <lars.kurth@xxxxxxxxxx>

Date: Mon, 9 Apr 2018 15:02:39 +0000

Accept-language: en-GB, en-US

Cc: Ian Jackson <Ian.Jackson@xxxxxxxxxx>, "committers@xxxxxxxxxxxxxx" <committers@xxxxxxxxxxxxxx>, "security@xxxxxxxxxxxxxx" <security@xxxxxxxxxxxxxx>

Delivery-date: Mon, 09 Apr 2018 15:03:02 +0000

List-id: Xen developer discussion <xen-devel.lists.xenproject.org>

Thread-index: AQHT0BPN7Ek2eEQaskKIhnFL6Q1aZQ==

Thread-topic: [PATCH governance.git] Make Security Policy Doc ready to become a CNA

Note: this time with html disabled To become a CNA, we need to more clearly specifiy the scope of security support. This change updates the document and points to SUPPORT.md and pages generated from SUPPORT.md Also fixed a typo in the following paragraph. Signed-off-by: Lars Kurth <lars.kurth@xxxxxxxxxx> --- security-policy.pandoc | 12 ++++++++++-- 1 file changed, 10 insertions(+), 2 deletions(-) diff --git a/security-policy.pandoc b/security-policy.pandoc index 5783183..6796220 100644 --- a/security-policy.pandoc +++ b/security-policy.pandoc @@ -19,7 +19,15 @@ Scope of this process This process primarily covers the [Xen Hypervisor Project](index.php?option=com_content&view=article&id=82:xen-hypervisor&catid=80:developers&Itemid=484). -Vulnerabilties reported against other Xen Project teams will be handled on a +Specific information about features with security support can be found in + +1. [SUPPORT.md](http://xenbits.xen.org/gitweb/?p=xen.git;a=blob;f=SUPPORT.md) + in the releases' tar ball and its xen.git tree and on + [web pages generated from the SUPPORT.md file](http://xenbits.xenproject.org/docs/support/) +2. For releases that do not contain SUPPORT.md, this information can be found + on the [Release Feature wiki page](https://wiki.xenproject.org/wiki/Xen_Project_Release_Features) + +Vulnerabilities reported against other Xen Project teams will be handled on a best effort basis by the relevant Project Lead together with the Security Response Team. @@ -401,7 +409,7 @@ Change History -------------- <div class="box-note"> - +- **v3.18 April 9th 2017:** Added reference to SUPPORT.md - **v3.17 July 20th 2017:** Added Zynstra - **v3.16 April 21st 2017:** Added HostPapa - **v3.15 March 21st 2017:** Added CloudVPS (Feb 13) and BitDefender SRL -- 2.13.0 _______________________________________________ Xen-devel mailing list Xen-devel@xxxxxxxxxxxxxxxxxxxx https://lists.xenproject.org/mailman/listinfo/xen-devel

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.