diff options
author | Justin Pettit <jpettit@ovn.org> | 2020-12-24 10:50:10 -0800 |
---|---|---|
committer | Justin Pettit <jpettit@ovn.org> | 2020-12-26 16:12:01 -0800 |
commit | def6eb1ea269806b12399a350a5af16e25da23ff (patch) | |
tree | 83254ab9736513c82bf730f83fb723a72abeaaa1 /Documentation/internals | |
parent | 22d0244a568b1a01b3aee4a80f942c62e12d8c5e (diff) | |
download | openvswitch-def6eb1ea269806b12399a350a5af16e25da23ff.tar.gz |
security.rst: Add more information about the Downstream mailing list.
Signed-off-by: Justin Pettit <jpettit@ovn.org>
Acked-by: Flavio Leitner <fbl@sysclose.org>
Diffstat (limited to 'Documentation/internals')
-rw-r--r-- | Documentation/internals/security.rst | 11 |
1 files changed, 7 insertions, 4 deletions
diff --git a/Documentation/internals/security.rst b/Documentation/internals/security.rst index f6a31ad01..8b4e5c3f4 100644 --- a/Documentation/internals/security.rst +++ b/Documentation/internals/security.rst @@ -247,10 +247,13 @@ immediate (esp. if it's already publicly known) to a few weeks. As a basic default policy, we expect report date to disclosure date to be 10 to 15 business days. -Operating system vendors are obvious downstream stakeholders. It may not be -necessary to be too choosy about who to include: any major Open vSwitch user -who is interested and can be considered trustworthy enough could be included. -To become a downstream stakeholder, email the ovs-security mailing list. +Operating system vendors are obvious downstream stakeholders, however, +any major Open vSwitch user who is interested and can be considered +trustworthy enough could be included. To request being added to the +Downstream mailing list, email the ovs-security mailing list. Please +include a few sentences on how your organization uses Open vSwitch. If +possible, please provide a security-related email alias rather than a +direct end-user address. If the vulnerability is already public, skip this step. |