OpenBMC documentation https://git.raptorcs.com/git/openbmc-docs/atom?h=master 2019-02-11T19:15:05+00:00 2019-02-11T19:15:05+00:00 Gunnar Mills gmills@us.ibm.com 2019-02-11T17:54:10+00:00 urn:sha1:876953d31a48164a8dc513a238f02abefeb77303 Change-Id: I30cb36b2d61f0e57cffeaebaca48623e9b1ba56d Signed-off-by: Gunnar Mills <gmills@us.ibm.com> 2018-10-29T14:25:28+00:00 Joseph Reynolds jrey@us.ibm.com 2018-07-26T21:08:29+00:00 urn:sha1:01e72e8a691eeba193e6765d21ea7badc0b93278 Adds two new documents: - "How to report a security vulnerability" says how to privately report a security vulnerability with the intention of getting a fix before public disclosure. - "Security response team guidelines" is for the security response team and community members who are responding to privately disclosed problems and working to provide a fix. Change-Id: I83475bd4bfa014106ab5c3b50ad81e3488d06ba3 Signed-off-by: Joseph Reynolds <jrey@us.ibm.com> 2018-10-29T14:25:28+00:00 Joseph Reynolds jrey@us.ibm.com 2018-07-16T21:12:02+00:00 urn:sha1:0a97a5d7175e5dfe81609b7a539e1319514d2f7a This documents the process to privately report OpenBMC security vulnerabilities with the intention of giving time to the project to fix the problem before public disclosure. This first commit establishes the project's scope. The next commit: - provides guidelines to the OpenBMC security response team as it works to address the security issues and disclose publicly - establishes the "How to report security vulnerabilities" web page to tell problem submitters what to include in their report and what to expect from the OpenBMC security response team Change-Id: Ib90070f998a815ba3f4430c7eb6ff84b3934e012 Signed-off-by: Joseph Reynolds <jrey@us.ibm.com>