Versions Compared

Old Version 5

changes.mady.by.user Unknown User (kevin.kluge@citrix.com)

Saved on

compared with

New Version 6

changes.mady.by.user John Kinsella

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

This document describes the procedures that will be used to respond to a reported vulnerability.

Security Team

The PPMC PMC has decided to create a "Security Team" for CloudStack.  The Security Team's charter is to manage the response to vulnerabilities reported with Apache CloudStack.  This includes communication with the report, issue verification, issue correction, public communication creation, and vendor coordination.  The Security Team may ask assistance from other community members to help verify or correct a reported issue.

Initially, the Security Team consists of the members of the PPMCPMC.

Community members engaged by the Security Team are expected to hold the issue in confidence until public announcement of the vulnerability.  This protects the users of the software and gives reasonable time for the response process to be implemented.  Further information can be found on the ASF's How it Works page.

...