Change to write GitHub security advisories - attention repo maintainers
Joseph Reynolds
jrey at linux.ibm.com
Thu Jul 28 08:21:10 AEST 2022
OpenBMC community and technical oversight committee,
The security response team has been working to improve the process we
use to respond to security vulnerabilities. In short, we propose using
GitHub security advisories, one per repository. This better aligns with
industry standards, and it means owners and maintainers will have a
greater role.
I pushed a gerrit review to preview the details. Please take a look.
We are still working out the details and will continue to discuss before
implementing this change.
https://gerrit.openbmc.org/c/openbmc/docs/+/55974
- Joseph
More information about the openbmc
mailing list