StarlingX/Security/Vulnerability Management

Revision as of 14:18, 26 October 2018 by Kenyis

Vulnerability Management Process

The OpenStack vulnerability management team (VMT) is responsible for coordinating the progressive disclosure of a vulnerability.

Members of the team are independent and security-minded folks who ensure that vulnerabilities are dealt with in a timely manner and that downstream stakeholders are notified in a coordinated and fair manner. Where a member of the team is employed by a downstream stakeholder, the member does not give their employer prior notice of any vulnerabilities. To reduce the disclosure of vulnerabilities in the early stages, membership of this team is intentionally limited to a small number of people.

Supported versions

The Vulnerability Management team coordinates patches fixing vulnerabilities in supported stable branches (corresponding to previous major releases) of OpenStack, in addition to the master branch (next version under development), for all security supported projects.