Project

General

Profile

Feature #1268

Adopting a Vulnerability Disclosure Policy for our projects

Added by Jonathan Rajotte Julien about 2 months ago. Updated about 2 months ago.

Status:
New
Priority:
Normal
Target version:
-
Start date:
05/22/2020
Due date:
% Done:

0%

Estimated time:

Description

Some organization might require/appreciate such policy.

We could probably base our policy on https://disclose.io/, considering they have "terms" [1] with canada in mind.

[1] https://github.com/disclose/disclose/tree/master/terms

IANAL

#1

Updated by Jonathan Rajotte Julien about 2 months ago

  • Tracker changed from Bug to Feature
#2

Updated by Christophe Bedard about 2 months ago

Thanks for opening this.

This seems to be the Linux kernel's policy: https://www.kernel.org/doc/html/latest/admin-guide/security-bugs.html

Other than the emails/links, it could be used for/applicable to LTTng

Also available in: Atom PDF