You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@httpd.apache.org by Ruediger Pluem <rp...@apache.org> on 2021/06/25 07:15:50 UTC
Security policy on Github
I would like to suggest that we fill a very basic document that shows on Github as our security policy.
Below my proposal for a SECURITY.md :
===================================================================
# Security Policy
## Supported Versions
Currently the only supported version is the latest patch release of the
2.4.x stable branch.
## Security Updates
[Apache 2.4 Security Vulnerabilities](http://httpd.apache.org/security/vulnerabilities_24.html)
## Reporting a Vulnerability
For information on how to report a new security problem please see
[here](http://httpd.apache.org/security_report.html)
=========================================================================================
Any objections?
Regards
RĂ¼diger
Re: Security policy on Github
Posted by Giovanni Bechis <gi...@paclan.it>.
On 6/25/21 9:15 AM, Ruediger Pluem wrote:
> I would like to suggest that we fill a very basic document that shows on Github as our security policy.
> Below my proposal for a SECURITY.md :
>
>
> ===================================================================
> # Security Policy
>
> ## Supported Versions
>
> Currently the only supported version is the latest patch release of the
> 2.4.x stable branch.
>
> ## Security Updates
>
> [Apache 2.4 Security Vulnerabilities](http://httpd.apache.org/security/vulnerabilities_24.html)
>
> ## Reporting a Vulnerability
>
> For information on how to report a new security problem please see
> [here](http://httpd.apache.org/security_report.html)
> =========================================================================================
>
> Any objections?
>
Great idea, +1.
Giovanni
Re: Security policy on Github
Posted by Stefan Eissing <st...@greenbytes.de>.
> Am 25.06.2021 um 09:15 schrieb Ruediger Pluem <rp...@apache.org>:
>
> I would like to suggest that we fill a very basic document that shows on Github as our security policy.
> Below my proposal for a SECURITY.md :
>
>
> ===================================================================
> # Security Policy
>
> ## Supported Versions
>
> Currently the only supported version is the latest patch release of the
> 2.4.x stable branch.
>
> ## Security Updates
>
> [Apache 2.4 Security Vulnerabilities](http://httpd.apache.org/security/vulnerabilities_24.html)
>
> ## Reporting a Vulnerability
>
> For information on how to report a new security problem please see
> [here](http://httpd.apache.org/security_report.html)
> =========================================================================================
>
> Any objections?
None. Good idea. +1