Start using github security advisories
Brad Bishop
bradleyb at fuzziesquirrel.com
Tue Oct 19 05:49:58 AEDT 2021
On Thu, Oct 14, 2021 at 02:12:20PM -0500, Andrew Geissler wrote:
>> Per today's Security working group meeting, we want to start using
>> [GitHub security advisories][]. I think we need someone with admin
>> permissions to github.com/openbmc/openbmc to create new advisories.
>> Then we'll want a group (team? perhaps security-response-team) with
>> the current OpenBMC [security response team][] members. (I have that
>> list.)
>
>Looks like you’ll need admin authority on openbmc/openbmc in order to
>utilize the security advisories feature. I wonder if it’s better to
>create a openbmc/security repo and we can give you and the security
>team admin of that repo for this work? This would also provide a
>potential location to track github issues for the security team.
This was my thinking as well Andrew. I'll create
openbmc/security-response if I don't see any complaints in the next
little while.
-brad
More information about the openbmc
mailing list