You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@xmlgraphics.apache.org by cl...@apache.org on 2015/02/11 14:58:00 UTC
svn commit: r1658962 - in /xmlgraphics/site/trunk: content/security.mdtext templates/batik-sidenav.mdtext templates/fop-sidenav.mdtext templates/xgc-sidenav.mdtext

Author: clay
Date: Wed Feb 11 13:57:59 2015
New Revision: 1658962

URL: http://svn.apache.org/r1658962
Log:
Adding Security page.

Added:
    xmlgraphics/site/trunk/content/security.mdtext   (with props)
Modified:
    xmlgraphics/site/trunk/templates/batik-sidenav.mdtext
    xmlgraphics/site/trunk/templates/fop-sidenav.mdtext
    xmlgraphics/site/trunk/templates/xgc-sidenav.mdtext

Added: xmlgraphics/site/trunk/content/security.mdtext
URL: http://svn.apache.org/viewvc/xmlgraphics/site/trunk/content/security.mdtext?rev=1658962&view=auto
==============================================================================
--- xmlgraphics/site/trunk/content/security.mdtext (added)
+++ xmlgraphics/site/trunk/content/security.mdtext Wed Feb 11 13:57:59 2015
@@ -0,0 +1,44 @@
+Title: The Apache&trade; XML Graphics Project - Community
+
+#The Apache&trade; XML Graphics Project - Security
+
+## Security { #Security}
+
+The *Apache&trade; XML Graphics Project* has collected its Security related information for all of its sub-projects to this page.
+
+### Apache&trade; Batik Project - Apache Batik Security { #BatikSecurity}
+
+At the time of the most recent update, the [Apache Batik Project](http://xmlgraphics.apache.org/batik/) has no published vulnerabilities.
+
+### Apache&trade; FOP Project - Apache FOP Security { #FOPSecurity}
+
+At the time of the most recent update, the [Apache FOP Project](http://xmlgraphics.apache.org/fop/) has no published vulnerabilities.
+
+### Apache&trade; XML Graphics Commons Project - Apache XML Graphics Commons Security { #XMLGraphicsCommonsSecurity}
+
+At the time of the most recent update, the [Apache  XML Graphics Commons Project](http://xmlgraphics.apache.org/commons/) has no published vulnerabilities.
+
+#Security Updates { #SecurityUpdates}
+
+To get notification of when new security issues are fixed, join the [Apache XML Graphics General Mailing](http://xmlgraphics.apache.org/mail.html#xmlgraphics-general) list
+
+#Reporting New Security Problems with the Apache XML Graphics Projects & Sub Projects { #ReportingSecurityProblems}
+
+Reporting New Security Problems with the Apache HTTP Server
+The Apache Software Foundation takes a very active stance in eliminating security problems and denial of service attacks against the Apache HTTP server.
+
+We strongly encourage folks to report such problems to the private security mailing list of the ASF Security Team, before disclosing them in a public forum.
+
+Please see the page of the [ASF Security Team](http://www.apache.org/security/) for further information and contact information.
+
+**IMPORTANT**
+
+  * **The Security Team cannot accept regular bug reports or other queries, we ask that you use our [bug reporting page](http://xmlgraphics.apache.org/commons/bugs.html) for those.** 
+  * **All mail sent to the Security Team that does not relate to security problems in Apache software will be ignored.**
+  * *PLEASE DO NOT SUBMIT SECURITY REPORTS REGARDING VULNERABILITIES TO OUR BUG REPORTING SYSTEM AS THIS MAY INADVERTENTLY PUBLICIZE THEM! FOLLOW THE STEPS ON THE [ASF SECURITY PAGE](http://www.apache.org/security/).*
+
+Note that all networked servers are subject to Distributed Denial of Service (DDOS) attacks, and we cannot promise magic workarounds to generic problems (such as a client streaming lots of data to your server, or re-requesting the same URL repeatedly). In general our philosophy is to avoid any attacks which can cause the server to consume resources in a non-linear relationship to the size of inputs.
+
+#Security Standards { #SecurityStandards}
+
+Apache XML Graphics Project vulnerabilities are labelled with [CVE](http://cve.mitre.org/) (Common Vulnerabilities and Exposures) identifiers.

Propchange: xmlgraphics/site/trunk/content/security.mdtext
------------------------------------------------------------------------------
    svn:eol-style = native

Modified: xmlgraphics/site/trunk/templates/batik-sidenav.mdtext
URL: http://svn.apache.org/viewvc/xmlgraphics/site/trunk/templates/batik-sidenav.mdtext?rev=1658962&r1=1658961&r2=1658962&view=diff
==============================================================================
--- xmlgraphics/site/trunk/templates/batik-sidenav.mdtext (original)
+++ xmlgraphics/site/trunk/templates/batik-sidenav.mdtext Wed Feb 11 13:57:59 2015
@@ -27,7 +27,7 @@
     - ### Scripting
       - [Scripting with ECMAScript](/batik/using/scripting/ecmascript.html)
       - [Scripting with Java](/batik/using/scripting/java.html)
-      - [Security](/batik/using/scripting/security.html)
+      - [Scripting with Security](/batik/using/scripting/security.html)
     - [SVG generator](/batik/using/svg-generator.html)
     - [Swing components](/batik/using/swing.html)
     - [Transcoder API](/batik/using/transcoder.html)
@@ -48,7 +48,8 @@
     - [ASF Sponsorship Program](http://www.apache.org/foundation/sponsorship.html)
     - [ASF Thanks](http://www.apache.org/foundation/thanks.html)
     - [Licenses](http://www.apache.org/licenses/)
-    - [Security](http://www.apache.org/security/)
+    - [Apache XML Graphics Security](/security.html)
+    - [ASF Security](http://www.apache.org/security/)
 
 # Sub Projects
   - [Apache FOP](/fop/)
@@ -96,4 +97,4 @@ $(document).ready(function () {
     }
   });
 })
-</script>
\ No newline at end of file
+</script>

Modified: xmlgraphics/site/trunk/templates/fop-sidenav.mdtext
URL: http://svn.apache.org/viewvc/xmlgraphics/site/trunk/templates/fop-sidenav.mdtext?rev=1658962&r1=1658961&r2=1658962&view=diff
==============================================================================
--- xmlgraphics/site/trunk/templates/fop-sidenav.mdtext (original)
+++ xmlgraphics/site/trunk/templates/fop-sidenav.mdtext Wed Feb 11 13:57:59 2015
@@ -152,7 +152,8 @@
     - [ASF Sponsorship Program](http://www.apache.org/foundation/sponsorship.html)
     - [ASF Thanks](http://www.apache.org/foundation/thanks.html)
     - [Licenses](http://www.apache.org/licenses/)
-    - [Security](http://www.apache.org/security/)
+    - [Apache XML Graphics Security](/security.html)
+    - [ASF Security](http://www.apache.org/security/)
 
 # Sub Projects
   - [Apache Batik](/batik/)

Modified: xmlgraphics/site/trunk/templates/xgc-sidenav.mdtext
URL: http://svn.apache.org/viewvc/xmlgraphics/site/trunk/templates/xgc-sidenav.mdtext?rev=1658962&r1=1658961&r2=1658962&view=diff
==============================================================================
--- xmlgraphics/site/trunk/templates/xgc-sidenav.mdtext (original)
+++ xmlgraphics/site/trunk/templates/xgc-sidenav.mdtext Wed Feb 11 13:57:59 2015
@@ -7,10 +7,10 @@
     - [Tools for Adobe PostScript](/commons/postscript.html)
     - [Image Loader Framework](/commons/image-loader.html)
   - ## Information
-    - [Mailing Lists](/mail.html)
-    - [Code Repositories](/repo.html)
-    - [Changes](/commons/changes.html)
     - [Bugs](/commons/bugs.html)
+    - [Changes](/commons/changes.html)
+    - [Code Repositories](/repo.html)
+    - [Mailing Lists](/mail.html)
   
 # Apache&trade; XML Graphics
   - ### Project Overview
@@ -22,7 +22,8 @@
     - [ASF Sponsorship Program](http://www.apache.org/foundation/sponsorship.html)
     - [ASF Thanks](http://www.apache.org/foundation/thanks.html)
     - [Licenses](http://www.apache.org/licenses/)
-    - [Security](http://www.apache.org/security/)
+    - [Apache XML Graphics Security](/security.html)
+    - [ASF Security](http://www.apache.org/security/)
 
 # Sub Projects
   - [Apache Batik](/batik/)
@@ -71,4 +72,4 @@ $(document).ready(function () {
     }
   });
 })
-</script>
\ No newline at end of file
+</script>



---------------------------------------------------------------------
To unsubscribe, e-mail: commits-unsubscribe@xmlgraphics.apache.org
For additional commands, e-mail: commits-help@xmlgraphics.apache.org