1# OpenBMC Security Advisory Template 2 3This has guidelines for OpenBMC repository maintainers to follow when creating 4new draft GitHub security advisories as part of the [Security response team guidelines][]. 5 6Note that the sections under the "Description" section are intended for the 7security advisory "Description" field 8 9[security response team guidelines]: ./obmc-security-response-team-guidelines.md 10 11### Affected Product 12 13Ecosystem: Other OpenBMC Package name: <TBD> Affected versions: 2.9 Patched 14versions: <TBD> 15 16## Severity 17 18Assess the severity using CVSS. 19 20## CWE 21 22<TBD> 23 24## CVE identifier 25 26Please coordinate with the security response team 27 28## Credits 29 30Attribution to those that discovered and mitigated the vulnerability. 31 32### Title 33 34Title goes here... 35 36### Description 37 38The description will be used by vulnerability analysts and should include the 39area or the function affected, and a description of the issue. There should be 40enough details to differentiate this from similar problems, but not enough 41detail to help an attacker exploit the problem. 42 43### Proof Of Concept 44 45If provided, insert proof of concept here. 46 47### Vulnerability Description 48 49...can cause denial of service. 50 51### Affected Release 52 53OpenBMC 2.9 54 55### Fixed in Release 56 57Please include the commit-id in the affected repo, the commit id for the 58metadata, or the version number. 59 60### Mitigation 61 62If available, describe or provide a link to the mitigation needed until the fix 63can be applied. 64 65### For more information 66 67If you have any questions or comments about this advisory: 68 69- Email openbmc-security at lists.ozlabs.org 70