You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@pulsar.apache.org by pe...@apache.org on 2022/03/12 03:12:06 UTC

[pulsar] branch master updated: Move reporting a vulnerability documentation to contact page (#14610)

This is an automated email from the ASF dual-hosted git repository.

penghui pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/pulsar.git


The following commit(s) were added to refs/heads/master by this push:
     new ce901d4  Move reporting a vulnerability documentation to contact page (#14610)
ce901d4 is described below

commit ce901d4ed0c06fc031c968f15de04781635aa98e
Author: Michael Marshall <mm...@apache.org>
AuthorDate: Fri Mar 11 21:10:15 2022 -0600

    Move reporting a vulnerability documentation to contact page (#14610)
---
 README.md                                |  4 ++++
 site2/docs/security-versioning-policy.md |  6 ------
 site2/website/pages/en/contact.js        | 16 +++++++++++++---
 3 files changed, 17 insertions(+), 9 deletions(-)

diff --git a/README.md b/README.md
index b11a8e7..fa4c03d 100644
--- a/README.md
+++ b/README.md
@@ -297,6 +297,10 @@ Pulsar slack channel at https://apache-pulsar.slack.com/
 
 You can self-register at https://apache-pulsar.herokuapp.com/
 
+##### Report a security vulnerability
+
+To report a vulnerability for Pulsar, contact the [Apache Security Team](https://www.apache.org/security/). When reporting a vulnerability to [security@apache.org](mailto:security@apache.org), you can copy your email to [private@pulsar.apache.org](mailto:private@pulsar.apache.org) to send your report to the Apache Pulsar Project Management Committee. This is a private mailing list.
+
 ## License
 
 Licensed under the Apache License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0
diff --git a/site2/docs/security-versioning-policy.md b/site2/docs/security-versioning-policy.md
index 0b65f1b..7bfa1e0 100644
--- a/site2/docs/security-versioning-policy.md
+++ b/site2/docs/security-versioning-policy.md
@@ -4,12 +4,6 @@ title: Security Policy and Supported Versions
 sidebar_label: Security Policy and Supported Versions
 ---
 
-## Reporting a Vulnerability
-
-The current process for reporting vulnerabilities is outlined here: https://www.apache.org/security/. When reporting a
-vulnerability to security@apache.org, you can copy your email to [private@pulsar.apache.org](mailto:private@pulsar.apache.org)
-to send your report to the Apache Pulsar Project Management Committee. This is a private mailing list.
-
 ## Using Pulsar's Security Features
 
 You can find documentation on Pulsar's available security features and how to use them here:
diff --git a/site2/website/pages/en/contact.js b/site2/website/pages/en/contact.js
index 57f6aba..24acede 100644
--- a/site2/website/pages/en/contact.js
+++ b/site2/website/pages/en/contact.js
@@ -50,9 +50,9 @@ class Contact extends React.Component {
             There are many ways to get help from the Apache Pulsar community.
             The mailing lists are the primary place where all Pulsar committers are present.
             Bugs and feature requests can either be discussed on the dev mailing list or
-            by opening an issue on
-            <a href="https://github.com/apache/pulsar/" target="_blank">GitHub</a>.
-            </translate></p>
+            by opening an issue on</translate>
+            <a href="https://github.com/apache/pulsar/" target="_blank"> GitHub</a>.
+            </p>
 
             <h2><translate>Mailing Lists</translate></h2>
             <table className="versions">
@@ -79,6 +79,16 @@ class Contact extends React.Component {
                 )}
               </tbody>
             </table>
+            <h2><translate>Reporting Security Vulnerabilities</translate></h2>
+              <p><translate>
+              The current process for reporting vulnerabilities is outlined here: </translate>
+              <a href="https://www.apache.org/security/" target="_blank"> Apache Security</a>
+              <translate>. When reporting a vulnerability to</translate>
+              <a href="mailto:security@apache.org" target="_blank"> security@apache.org</a>
+              <translate>, you can copy your email to </translate>
+              <a href="mailto:private@pulsar.apache.org" target="_blank"> private@pulsar.apache.org </a>
+              <translate> to send your report to the Apache Pulsar Project Management Committee. This is a private mailing list.</translate>
+              </p>
 
             <h2><translate>Stack Overflow</translate></h2>
               <p><translate>