Skip to content

Coordinated vulnerability disclosure#8652

Merged
jodygarnett merged 4 commits intomainfrom
coordinated-vulneraebility-exposure
Mar 31, 2025
Merged

Coordinated vulnerability disclosure#8652
jodygarnett merged 4 commits intomainfrom
coordinated-vulneraebility-exposure

Conversation

@jodygarnett
Copy link
Contributor

@jodygarnett jodygarnett commented Feb 11, 2025

Update security policy for Coordinated vulnerability disclosure.

I thought we had covered this in response to Cyber Security Act, but apparently not yet.

Please see proposed text to note handling of CVE numbers and coordinated vulnerability disclosure policy. Idea is to give everyone a chance to update before public disclosure.

Checklist

  • I have read the contribution guidelines
  • Pull request provided for main branch, backports managed with label
  • Good housekeeping of code, cleaning up comments, tests, and documentation
  • Clean commit history broken into understandable chucks, avoiding big commits with hundreds of files, cautious of reformatting and whitespace changes
  • Clean commit messages, longer verbose messages are encouraged
  • API Changes are identified in commit messages
  • Testing provided for features or enhancements using automatic tests
  • User documentation provided for new features or enhancements in manual
  • Build documentation provided for development instructions in README.md files
  • Library management using pom.xml dependency management. Update build documentation with intended library use and library tutorials or documentation

@jodygarnett
Coordinated vulnerability disclosure
2742371 
Update security policy for Coordinated vulnerability disclosure.
@jodygarnett jodygarnett requested a review from ticheler February 11, 2025 22:55
@josegar74 josegar74 added this to the 4.4.7 milestone Feb 12, 2025
joachimnielandt
joachimnielandt reviewed Feb 12, 2025
View reviewed changes
joachimnielandt
joachimnielandt reviewed Feb 12, 2025
View reviewed changes
joachimnielandt
joachimnielandt reviewed Feb 12, 2025
View reviewed changes
josegar74 and others added 3 commits February 13, 2025 09:02
@josegar74 @joachimnielandt
Update SECURITY.md
1912bcc 
Co-authored-by: joachimnielandt <joachim.nielandt@vlaanderen.be>
@josegar74 @joachimnielandt
Update SECURITY.md
74e9fcd 
Co-authored-by: joachimnielandt <joachim.nielandt@vlaanderen.be>
@josegar74 @joachimnielandt
Update SECURITY.md
2e56269 
Co-authored-by: joachimnielandt <joachim.nielandt@vlaanderen.be>
@sonarqubecloud
Copy link

sonarqubecloud bot commented Feb 13, 2025

Quality Gate Passed Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

@jodygarnett jodygarnett merged commit 74f9bab into main Mar 31, 2025
11 checks passed
@jodygarnett jodygarnett deleted the coordinated-vulneraebility-exposure branch March 31, 2025 21:07
jodygarnett added a commit to jodygarnett/core-geonetwork that referenced this pull request Mar 31, 2025
@jodygarnett @josegar74 @joachimnielandt
Coordinated vulnerability disclosure (geonetwork#8652)
143205e 
* Coordinated vulnerability disclosure 

Update security policy for Coordinated vulnerability disclosure.

* Update SECURITY.md

Co-authored-by: joachimnielandt <joachim.nielandt@vlaanderen.be>

* Update SECURITY.md

Co-authored-by: joachimnielandt <joachim.nielandt@vlaanderen.be>

* Update SECURITY.md

Co-authored-by: joachimnielandt <joachim.nielandt@vlaanderen.be>

---------

Co-authored-by: Jose García <josegar74@gmail.com>
Co-authored-by: joachimnielandt <joachim.nielandt@vlaanderen.be>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@ticheler ticheler Awaiting requested review from ticheler

1 more reviewer

@joachimnielandt joachimnielandt joachimnielandt left review comments

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

4.4.7

Development

Successfully merging this pull request may close these issues.

3 participants

@jodygarnett @joachimnielandt @josegar74