forked from apache/pulsar
-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
[docs] Clarify security vulnerability process and reporting (apache#1…
- Loading branch information
Showing
5 changed files
with
29 additions
and
16 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
|
|
@@ -345,6 +345,8 @@ You can self-register at https://apache-pulsar.herokuapp.com/ | |
|
|
||
| To report a vulnerability for Pulsar, contact the [Apache Security Team](https://www.apache.org/security/). When reporting a vulnerability to [[email protected]](mailto:[email protected]), you can copy your email to [[email protected]](mailto:[email protected]) to send your report to the Apache Pulsar Project Management Committee. This is a private mailing list. | ||
|
|
||
| https://github.com/apache/pulsar/security/policy contains more details. | ||
|
|
||
| ## License | ||
|
|
||
| Licensed under the Apache License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0 | ||
|
|
||
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -1,3 +1,13 @@ | ||
| # Security Policy | ||
|
|
||
| The security policy and supported versions are outlined on the Pulsar website here: https://pulsar.apache.org/docs/security-policy-and-supported-versions/. | ||
| ## Security Vulnerability Process | ||
|
|
||
| The Pulsar community follows the ASF [security vulnerability handling process](https://apache.org/security/#vulnerability-handling). | ||
|
|
||
| To report a new vulnerability you have discovered, please follow the [ASF security vulnerability reporting process](https://apache.org/security/#reporting-a-vulnerability). To report a vulnerability for Pulsar, contact the [Apache Security Team](https://www.apache.org/security/). When reporting a vulnerability to [[email protected]](mailto:[email protected]), you can copy your email to [[email protected]](mailto:[email protected]) to send your report to the Apache Pulsar Project Management Committee. This is a private mailing list. | ||
|
|
||
| It is the responsibility of the security vulnerability handling project team (Apache Pulsar PMC in most cases) to make public security vulnerability announcements. You can follow announcements on the [[email protected]](mailto:[email protected]) mailing list. For instructions on how to subscribe, please see https://pulsar.apache.org/contact/. | ||
|
|
||
| ## Security Policy details and supported versions of Apache Pulsar | ||
|
|
||
| The security policy and supported versions are outlined on the Pulsar website under [Security > Security Policy and Supported Versions](https://pulsar.apache.org/docs/security-policy-and-supported-versions/). |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
|
|
@@ -9,16 +9,13 @@ sidebar_label: "Security Policy and Supported Versions" | |
| You can find documentation on Pulsar's available security features and how to use them here: | ||
| https://pulsar.apache.org/docs/en/security-overview/. | ||
|
|
||
| ## Security Vulnerability Announcements | ||
| ## Security Vulnerability Process | ||
|
|
||
| The Pulsar community will announce security vulnerabilities and how to mitigate them on the [[email protected]](mailto:[email protected]). | ||
| For instructions on how to subscribe, please see https://pulsar.apache.org/contact/. | ||
| The Pulsar community follows the ASF [security vulnerability handling process](https://apache.org/security/#vulnerability-handling). | ||
|
|
||
| ## Reporting Vulnerabilities | ||
| To report a new vulnerability you have discovered, please follow the [ASF security vulnerability reporting process](https://apache.org/security/#reporting-a-vulnerability). To report a vulnerability for Pulsar, contact the [Apache Security Team](https://www.apache.org/security/). When reporting a vulnerability to [[email protected]](mailto:[email protected]), you can copy your email to [[email protected]](mailto:[email protected]) to send your report to the Apache Pulsar Project Management Committee. This is a private mailing list. | ||
|
|
||
| The Pulsar community follows the ASF [vulnerability handling process](https://apache.org/security/#vulnerability-handling). | ||
|
|
||
| To report a new vulnerability you have discovered please follow the [ASF vulnerability reporting process](https://apache.org/security/#reporting-a-vulnerability). | ||
| It is the responsibility of the security vulnerability handling project team (Apache Pulsar PMC in most cases) to make public security vulnerability announcements. You can follow announcements on the [[email protected]](mailto:[email protected]) mailing list. For instructions on how to subscribe, please see https://pulsar.apache.org/contact/. | ||
|
|
||
| ## Versioning Policy | ||
|
|
||
|
|
||
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
|
|
@@ -2,18 +2,20 @@ | |
| id: security-policy-and-supported-versions | ||
| title: Security Policy and Supported Versions | ||
| sidebar_label: "Security Policy and Supported Versions" | ||
| original_id: security-policy-and-supported-versions | ||
| --- | ||
|
|
||
| ## Using Pulsar's Security Features | ||
|
|
||
| You can find documentation on Pulsar's available security features and how to use them here: | ||
| https://pulsar.apache.org/docs/en/security-overview/. | ||
|
|
||
| ## Security Vulnerability Announcements | ||
| ## Security Vulnerability Process | ||
|
|
||
| The Pulsar community will announce security vulnerabilities and how to mitigate them on the [[email protected]](mailto:[email protected]). | ||
| For instructions on how to subscribe, please see https://pulsar.apache.org/contact/. | ||
| The Pulsar community follows the ASF [security vulnerability handling process](https://apache.org/security/#vulnerability-handling). | ||
|
|
||
| To report a new vulnerability you have discovered, please follow the [ASF security vulnerability reporting process](https://apache.org/security/#reporting-a-vulnerability). To report a vulnerability for Pulsar, contact the [Apache Security Team](https://www.apache.org/security/). When reporting a vulnerability to [[email protected]](mailto:[email protected]), you can copy your email to [[email protected]](mailto:[email protected]) to send your report to the Apache Pulsar Project Management Committee. This is a private mailing list. | ||
|
|
||
| It is the responsibility of the security vulnerability handling project team (Apache Pulsar PMC in most cases) to make public security vulnerability announcements. You can follow announcements on the [[email protected]](mailto:[email protected]) mailing list. For instructions on how to subscribe, please see https://pulsar.apache.org/contact/. | ||
|
|
||
| ## Versioning Policy | ||
|
|
||
|
|
||
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
|
|
@@ -2,18 +2,20 @@ | |
| id: security-policy-and-supported-versions | ||
| title: Security Policy and Supported Versions | ||
| sidebar_label: "Security Policy and Supported Versions" | ||
| original_id: security-policy-and-supported-versions | ||
| --- | ||
|
|
||
| ## Using Pulsar's Security Features | ||
|
|
||
| You can find documentation on Pulsar's available security features and how to use them here: | ||
| https://pulsar.apache.org/docs/en/security-overview/. | ||
|
|
||
| ## Security Vulnerability Announcements | ||
| ## Security Vulnerability Process | ||
|
|
||
| The Pulsar community will announce security vulnerabilities and how to mitigate them on the [[email protected]](mailto:[email protected]). | ||
| For instructions on how to subscribe, please see https://pulsar.apache.org/contact/. | ||
| The Pulsar community follows the ASF [security vulnerability handling process](https://apache.org/security/#vulnerability-handling). | ||
|
|
||
| To report a new vulnerability you have discovered, please follow the [ASF security vulnerability reporting process](https://apache.org/security/#reporting-a-vulnerability). To report a vulnerability for Pulsar, contact the [Apache Security Team](https://www.apache.org/security/). When reporting a vulnerability to [[email protected]](mailto:[email protected]), you can copy your email to [[email protected]](mailto:[email protected]) to send your report to the Apache Pulsar Project Management Committee. This is a private mailing list. | ||
|
|
||
| It is the responsibility of the security vulnerability handling project team (Apache Pulsar PMC in most cases) to make public security vulnerability announcements. You can follow announcements on the [[email protected]](mailto:[email protected]) mailing list. For instructions on how to subscribe, please see https://pulsar.apache.org/contact/. | ||
|
|
||
| ## Versioning Policy | ||
|
|
||
|
|
||