Lines Matching full:security
1 # How to report a security vulnerability
3 This describes how you can report an OpenBMC security vulnerability privately to
8 - You have information about a security problem or vulnerability which is not
14 To begin the process: Privately contact the OpenBMC security response team and
17 - Suggest sending an email. Use `openbmc-security at lists.ozlabs.org`.
20 not, the security response team will help route the problem.
21 - Include details about the security problem such as:
29 the security response team can help you route the problem.
31 When the project owners get a new security problem, they will create a [GitHub
32 security advisory][] in their repository and begin work. The advisory has draft
37 - The OpenBMC security response team.
42 - The OpenBMC [CVE Numbering Authority (CNA)][] (members of the OpenBMC security
45 Anyone brought onboard should be given a link to the OpenBMC [security
52 - At the agreed time, publish the OpenBMC security advisory, reveal the fix, and
70 [security response team guidelines]: ./obmc-security-response-team-guidelines.md
75 [github security advisory]:
76 …https://docs.github.com/en/code-security/repository-security-advisories/creating-a-repository-secu…