You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@logging.apache.org by dp...@apache.org on 2018/05/20 15:49:06 UTC
[22/50] logging-log4net git commit: add a project specific (mostly
empty) security page
add a project specific (mostly empty) security page
Project: http://git-wip-us.apache.org/repos/asf/logging-log4net/repo
Commit: http://git-wip-us.apache.org/repos/asf/logging-log4net/commit/44a62bdb
Tree: http://git-wip-us.apache.org/repos/asf/logging-log4net/tree/44a62bdb
Diff: http://git-wip-us.apache.org/repos/asf/logging-log4net/diff/44a62bdb
Branch: refs/heads/feature/RollingFileAppender-NG
Commit: 44a62bdba9fe737c16056e4b34cbee72718edf95
Parents: a0329e0
Author: Stefan Bodewig <bo...@apache.org>
Authored: Wed Jan 31 16:51:55 2018 +0100
Committer: Stefan Bodewig <bo...@apache.org>
Committed: Wed Jan 31 16:51:55 2018 +0100
----------------------------------------------------------------------
src/site/site.xml | 5 +-
src/site/xdoc/release/security-reports.xml | 64 +++++++++++++++++++++++++
2 files changed, 67 insertions(+), 2 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/logging-log4net/blob/44a62bdb/src/site/site.xml
----------------------------------------------------------------------
diff --git a/src/site/site.xml b/src/site/site.xml
index aefdd5c..aa20cb6 100644
--- a/src/site/site.xml
+++ b/src/site/site.xml
@@ -30,6 +30,7 @@
<menu name="Apache log4net" inherit="top" img="icon-home">
<item name="About" href="/index.html"/>
<item name="Download" href="/download_log4net.cgi"/>
+ <item name="Security Reports" href="/release/security-reports.html"/>
<item name="Release Notes" href="/release/release-notes.html"/>
<item name="License" href="/license.html"/>
</menu>
@@ -66,8 +67,8 @@
</menu>
<menu name="Apache" inherit="top" img="icon-info-sign">
- <item name="Home" href="http://www.apache.org/"/>
- <item name="License" href="http://www.apache.org/licenses/"/>
+ <item name="Home" href="http://www.apache.org/"/>
+ <item name="License" href="http://www.apache.org/licenses/"/>
<item name="Sponsorship" href="http://www.apache.org/foundation/sponsorship.html"/>
<item name="Thanks" href="http://www.apache.org/foundation/thanks.html"/>
<item name="Security" href="http://www.apache.org/security/"/>
http://git-wip-us.apache.org/repos/asf/logging-log4net/blob/44a62bdb/src/site/xdoc/release/security-reports.xml
----------------------------------------------------------------------
diff --git a/src/site/xdoc/release/security-reports.xml b/src/site/xdoc/release/security-reports.xml
new file mode 100644
index 0000000..30c57bd
--- /dev/null
+++ b/src/site/xdoc/release/security-reports.xml
@@ -0,0 +1,64 @@
+<?xml version="1.0"?>
+<!--
+
+ Licensed to the Apache Software Foundation (ASF) under one or more
+ contributor license agreements. See the NOTICE file distributed with
+ this work for additional information regarding copyright ownership.
+ The ASF licenses this file to You under the Apache License, Version 2.0
+ (the "License"); you may not use this file except in compliance with
+ the License. You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing, software
+ distributed under the License is distributed on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ See the License for the specific language governing permissions and
+ limitations under the License.
+-->
+<document>
+ <properties>
+ <title>Apache log4net: Security Reports</title>
+ <author email="dev@logging.apache.org">Logging Documentation Team</author>
+ </properties>
+ <body>
+ <section name="General Information">
+ <p>For information about reporting or asking questions about
+ security problems, please see the <a
+ href="https://logging.apache.org/security.html">security page
+ of the Logging project</a>.</p>
+ </section>
+
+ <section name="Apache log4net Security Vulnerabilities">
+ <p>This page lists all security vulnerabilities fixed in
+ released versions of Apache log4net. Each
+ vulnerability is given a security impact rating by the
+ development team - please note that this rating may vary from
+ platform to platform. We also list the versions of log4net the
+ flaw is known to affect, and where a flaw has not
+ been verified list the version with a question mark.</p>
+
+ <p>Please note that binary patches are never provided. If you
+ need to apply a source code patch, use the building
+ instructions for the log4net version that you are
+ using.</p>
+
+ <p>If you need help on building log4net or other help
+ on following the instructions to mitigate the known
+ vulnerabilities listed here, please send your questions to the
+ public <a href="../mail-lists.html">Logging Users mailing
+ list</a>.</p>
+
+ <p>If you have encountered an unlisted security vulnerability
+ or other unexpected behaviour that has security impact, or if
+ the descriptions here are incomplete, please report them
+ privately to the Apache Security Team. Thank you.</p>
+
+ </section>
+
+ <section name="Errors and Ommissions">
+ <p>Please report any errors or omissions to <a
+ href="../mail-lists.html">the dev mailing list</a>.</p>
+ </section>
+ </body>
+</document>