Public

Project privacy set to public. By default, its content is available to everyone (authenticated or not). Please note that more restrictive permissions might exist on some items.

stable

Clone or download

Read-only

chore: Document vulnerability management and disclosure processes

Download Browse

Note that the GPG key has been removed from the security policy. It's hard to use correctly for everyone and the key would otherwise needs to be re-generated to rely on modern cryptographic primitives. Closes request #35827 Document vulnerability disclosure process Change-Id: I052b57c4ed0a41ad229fb374663aa4391661d7fa

+270 −71
Thomas Gerbet (tgerbet) 2024-02-23 18:13
Thomas Gerbet (tgerbet) 2024-03-14 09:55
da1750171d4b6c20e998cdfd62899a0811dedd53
3bd2f20e775c738b98de262c179ac9a5047c93b3
git #tuleap/stable/da1750171d4b6c20e998cdfd62899a0811dedd53

Modified Files

Side by side diff
Inline diff
Name
M SECURITY.md +5 −71 Go to diff View file
A doc/vulnerability-management/README.md +26 −0 Go to diff View file
A doc/vulnerability-management/runbook-vulnerability-response.md +49 −0 Go to diff View file
A doc/vulnerability-management/templates/github-advisory.md +43 −0 Go to diff View file
A doc/vulnerability-management/templates/tuleap-request.md +36 −0 Go to diff View file
A doc/vulnerability-management/vulnerability-response.md +111 −0 Go to diff View file