Uploaded image for project: 'Accumulo'
  1. Accumulo
  2. ACCUMULO-3277

Document vulnerability reporting

    XMLWordPrintableJSON

Details

    • Task
    • Status: Resolved
    • Critical
    • Resolution: Duplicate
    • None
    • None
    • docs

    Description

      We currently have neither a security disclosure page nor instructions on how people should report vulnerabilities to us.

      security@apache.org will already use our private@accumulo list for forwarding issues to us. Presuming we don't want to create security@accumulo, we should advertise that private@ is the preferred way for others to contact us.

      in addition to a dedicate page, a reference on the mailing lists page would be a good idea (since it's the closest thing we have to a 'contact us' page).

      ref: ASF guide

      Attachments

        Issue Links

          links to

          Web Link ASF guide

          Activity

            People

              Unassigned Unassigned
              busbey Sean Busbey
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved:

                Time Tracking

                  Estimated:
                  Original Estimate - Not Specified
                  Not Specified
                  Remaining:
                  Remaining Estimate - 0h
                  0h
                  Logged:
                  Time Spent - 0.5h
                  0.5h