On Fri, Nov 15, 2024 at 02:15:13PM -0600, Ryan Eatmon via lists.yoctoproject.org wrote: > Add a SECURITY file with hints for security researchers and other > parties who might report potential security vulnerabilities. > > Signed-off-by: Ryan Eatmon <[email protected]>
Acked-by: Denys Dmytriyenko <[email protected]> > --- > meta-arago-demos/SECURITY | 21 +++++++++++++++++++++ > meta-arago-distro/SECURITY | 21 +++++++++++++++++++++ > meta-arago-extras/SECURITY | 21 +++++++++++++++++++++ > meta-arago-test/SECURITY | 21 +++++++++++++++++++++ > 4 files changed, 84 insertions(+) > create mode 100644 meta-arago-demos/SECURITY > create mode 100644 meta-arago-distro/SECURITY > create mode 100644 meta-arago-extras/SECURITY > create mode 100644 meta-arago-test/SECURITY > > diff --git a/meta-arago-demos/SECURITY b/meta-arago-demos/SECURITY > new file mode 100644 > index 00000000..e4b1b13f > --- /dev/null > +++ b/meta-arago-demos/SECURITY > @@ -0,0 +1,21 @@ > +How to Report a Potential Vulnerability? > +======================================== > + > +If you would like to report a public issue (for example, one with a released > +CVE number), please report it to the mailing list: > + > + https://lists.yoctoproject.org/g/meta-arago > + > +If you are dealing with a not-yet released or urgent issue, please send a > +message to one of the maintainers listed in the README. Include as many > +details as possible: > + - the layer or software module affected > + - the recipe and its version > + - any example code, if available > + > +Branches maintained with security fixes > +--------------------------------------- > + > +See https://wiki.yoctoproject.org/wiki/Releases for the list of current > +releases. We only accept patches for the LTS releases and the master branch. > + > diff --git a/meta-arago-distro/SECURITY b/meta-arago-distro/SECURITY > new file mode 100644 > index 00000000..e4b1b13f > --- /dev/null > +++ b/meta-arago-distro/SECURITY > @@ -0,0 +1,21 @@ > +How to Report a Potential Vulnerability? > +======================================== > + > +If you would like to report a public issue (for example, one with a released > +CVE number), please report it to the mailing list: > + > + https://lists.yoctoproject.org/g/meta-arago > + > +If you are dealing with a not-yet released or urgent issue, please send a > +message to one of the maintainers listed in the README. Include as many > +details as possible: > + - the layer or software module affected > + - the recipe and its version > + - any example code, if available > + > +Branches maintained with security fixes > +--------------------------------------- > + > +See https://wiki.yoctoproject.org/wiki/Releases for the list of current > +releases. We only accept patches for the LTS releases and the master branch. > + > diff --git a/meta-arago-extras/SECURITY b/meta-arago-extras/SECURITY > new file mode 100644 > index 00000000..e4b1b13f > --- /dev/null > +++ b/meta-arago-extras/SECURITY > @@ -0,0 +1,21 @@ > +How to Report a Potential Vulnerability? > +======================================== > + > +If you would like to report a public issue (for example, one with a released > +CVE number), please report it to the mailing list: > + > + https://lists.yoctoproject.org/g/meta-arago > + > +If you are dealing with a not-yet released or urgent issue, please send a > +message to one of the maintainers listed in the README. Include as many > +details as possible: > + - the layer or software module affected > + - the recipe and its version > + - any example code, if available > + > +Branches maintained with security fixes > +--------------------------------------- > + > +See https://wiki.yoctoproject.org/wiki/Releases for the list of current > +releases. We only accept patches for the LTS releases and the master branch. > + > diff --git a/meta-arago-test/SECURITY b/meta-arago-test/SECURITY > new file mode 100644 > index 00000000..e4b1b13f > --- /dev/null > +++ b/meta-arago-test/SECURITY > @@ -0,0 +1,21 @@ > +How to Report a Potential Vulnerability? > +======================================== > + > +If you would like to report a public issue (for example, one with a released > +CVE number), please report it to the mailing list: > + > + https://lists.yoctoproject.org/g/meta-arago > + > +If you are dealing with a not-yet released or urgent issue, please send a > +message to one of the maintainers listed in the README. Include as many > +details as possible: > + - the layer or software module affected > + - the recipe and its version > + - any example code, if available > + > +Branches maintained with security fixes > +--------------------------------------- > + > +See https://wiki.yoctoproject.org/wiki/Releases for the list of current > +releases. We only accept patches for the LTS releases and the master branch. > + > -- > 2.17.1 -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#15613): https://lists.yoctoproject.org/g/meta-arago/message/15613 Mute This Topic: https://lists.yoctoproject.org/mt/109600131/21656 Group Owner: [email protected] Unsubscribe: https://lists.yoctoproject.org/g/meta-arago/unsub [[email protected]] -=-=-=-=-=-=-=-=-=-=-=-
