| Message ID | 20241115201513.23724-1-reatmon@ti.com |
|---|---|
| State | Under Review |
| Delegated to: | Ryan Eatmon |
| Headers | show |
| Series | [meta-arago,master/scarthgap/kirkstone] SECURITY: Add file | expand |
On Fri, Nov 15, 2024 at 02:15:13PM -0600, Ryan Eatmon via lists.yoctoproject.org wrote: > Add a SECURITY file with hints for security researchers and other > parties who might report potential security vulnerabilities. > > Signed-off-by: Ryan Eatmon <reatmon@ti.com> Acked-by: Denys Dmytriyenko <denys@konsulko.com> > --- > meta-arago-demos/SECURITY | 21 +++++++++++++++++++++ > meta-arago-distro/SECURITY | 21 +++++++++++++++++++++ > meta-arago-extras/SECURITY | 21 +++++++++++++++++++++ > meta-arago-test/SECURITY | 21 +++++++++++++++++++++ > 4 files changed, 84 insertions(+) > create mode 100644 meta-arago-demos/SECURITY > create mode 100644 meta-arago-distro/SECURITY > create mode 100644 meta-arago-extras/SECURITY > create mode 100644 meta-arago-test/SECURITY > > diff --git a/meta-arago-demos/SECURITY b/meta-arago-demos/SECURITY > new file mode 100644 > index 00000000..e4b1b13f > --- /dev/null > +++ b/meta-arago-demos/SECURITY > @@ -0,0 +1,21 @@ > +How to Report a Potential Vulnerability? > +======================================== > + > +If you would like to report a public issue (for example, one with a released > +CVE number), please report it to the mailing list: > + > + https://lists.yoctoproject.org/g/meta-arago > + > +If you are dealing with a not-yet released or urgent issue, please send a > +message to one of the maintainers listed in the README. Include as many > +details as possible: > + - the layer or software module affected > + - the recipe and its version > + - any example code, if available > + > +Branches maintained with security fixes > +--------------------------------------- > + > +See https://wiki.yoctoproject.org/wiki/Releases for the list of current > +releases. We only accept patches for the LTS releases and the master branch. > + > diff --git a/meta-arago-distro/SECURITY b/meta-arago-distro/SECURITY > new file mode 100644 > index 00000000..e4b1b13f > --- /dev/null > +++ b/meta-arago-distro/SECURITY > @@ -0,0 +1,21 @@ > +How to Report a Potential Vulnerability? > +======================================== > + > +If you would like to report a public issue (for example, one with a released > +CVE number), please report it to the mailing list: > + > + https://lists.yoctoproject.org/g/meta-arago > + > +If you are dealing with a not-yet released or urgent issue, please send a > +message to one of the maintainers listed in the README. Include as many > +details as possible: > + - the layer or software module affected > + - the recipe and its version > + - any example code, if available > + > +Branches maintained with security fixes > +--------------------------------------- > + > +See https://wiki.yoctoproject.org/wiki/Releases for the list of current > +releases. We only accept patches for the LTS releases and the master branch. > + > diff --git a/meta-arago-extras/SECURITY b/meta-arago-extras/SECURITY > new file mode 100644 > index 00000000..e4b1b13f > --- /dev/null > +++ b/meta-arago-extras/SECURITY > @@ -0,0 +1,21 @@ > +How to Report a Potential Vulnerability? > +======================================== > + > +If you would like to report a public issue (for example, one with a released > +CVE number), please report it to the mailing list: > + > + https://lists.yoctoproject.org/g/meta-arago > + > +If you are dealing with a not-yet released or urgent issue, please send a > +message to one of the maintainers listed in the README. Include as many > +details as possible: > + - the layer or software module affected > + - the recipe and its version > + - any example code, if available > + > +Branches maintained with security fixes > +--------------------------------------- > + > +See https://wiki.yoctoproject.org/wiki/Releases for the list of current > +releases. We only accept patches for the LTS releases and the master branch. > + > diff --git a/meta-arago-test/SECURITY b/meta-arago-test/SECURITY > new file mode 100644 > index 00000000..e4b1b13f > --- /dev/null > +++ b/meta-arago-test/SECURITY > @@ -0,0 +1,21 @@ > +How to Report a Potential Vulnerability? > +======================================== > + > +If you would like to report a public issue (for example, one with a released > +CVE number), please report it to the mailing list: > + > + https://lists.yoctoproject.org/g/meta-arago > + > +If you are dealing with a not-yet released or urgent issue, please send a > +message to one of the maintainers listed in the README. Include as many > +details as possible: > + - the layer or software module affected > + - the recipe and its version > + - any example code, if available > + > +Branches maintained with security fixes > +--------------------------------------- > + > +See https://wiki.yoctoproject.org/wiki/Releases for the list of current > +releases. We only accept patches for the LTS releases and the master branch. > + > -- > 2.17.1
diff --git a/meta-arago-demos/SECURITY b/meta-arago-demos/SECURITY new file mode 100644 index 00000000..e4b1b13f --- /dev/null +++ b/meta-arago-demos/SECURITY @@ -0,0 +1,21 @@ +How to Report a Potential Vulnerability? +======================================== + +If you would like to report a public issue (for example, one with a released +CVE number), please report it to the mailing list: + + https://lists.yoctoproject.org/g/meta-arago + +If you are dealing with a not-yet released or urgent issue, please send a +message to one of the maintainers listed in the README. Include as many +details as possible: + - the layer or software module affected + - the recipe and its version + - any example code, if available + +Branches maintained with security fixes +--------------------------------------- + +See https://wiki.yoctoproject.org/wiki/Releases for the list of current +releases. We only accept patches for the LTS releases and the master branch. + diff --git a/meta-arago-distro/SECURITY b/meta-arago-distro/SECURITY new file mode 100644 index 00000000..e4b1b13f --- /dev/null +++ b/meta-arago-distro/SECURITY @@ -0,0 +1,21 @@ +How to Report a Potential Vulnerability? +======================================== + +If you would like to report a public issue (for example, one with a released +CVE number), please report it to the mailing list: + + https://lists.yoctoproject.org/g/meta-arago + +If you are dealing with a not-yet released or urgent issue, please send a +message to one of the maintainers listed in the README. Include as many +details as possible: + - the layer or software module affected + - the recipe and its version + - any example code, if available + +Branches maintained with security fixes +--------------------------------------- + +See https://wiki.yoctoproject.org/wiki/Releases for the list of current +releases. We only accept patches for the LTS releases and the master branch. + diff --git a/meta-arago-extras/SECURITY b/meta-arago-extras/SECURITY new file mode 100644 index 00000000..e4b1b13f --- /dev/null +++ b/meta-arago-extras/SECURITY @@ -0,0 +1,21 @@ +How to Report a Potential Vulnerability? +======================================== + +If you would like to report a public issue (for example, one with a released +CVE number), please report it to the mailing list: + + https://lists.yoctoproject.org/g/meta-arago + +If you are dealing with a not-yet released or urgent issue, please send a +message to one of the maintainers listed in the README. Include as many +details as possible: + - the layer or software module affected + - the recipe and its version + - any example code, if available + +Branches maintained with security fixes +--------------------------------------- + +See https://wiki.yoctoproject.org/wiki/Releases for the list of current +releases. We only accept patches for the LTS releases and the master branch. + diff --git a/meta-arago-test/SECURITY b/meta-arago-test/SECURITY new file mode 100644 index 00000000..e4b1b13f --- /dev/null +++ b/meta-arago-test/SECURITY @@ -0,0 +1,21 @@ +How to Report a Potential Vulnerability? +======================================== + +If you would like to report a public issue (for example, one with a released +CVE number), please report it to the mailing list: + + https://lists.yoctoproject.org/g/meta-arago + +If you are dealing with a not-yet released or urgent issue, please send a +message to one of the maintainers listed in the README. Include as many +details as possible: + - the layer or software module affected + - the recipe and its version + - any example code, if available + +Branches maintained with security fixes +--------------------------------------- + +See https://wiki.yoctoproject.org/wiki/Releases for the list of current +releases. We only accept patches for the LTS releases and the master branch. +
Add a SECURITY file with hints for security researchers and other parties who might report potential security vulnerabilities. Signed-off-by: Ryan Eatmon <reatmon@ti.com> --- meta-arago-demos/SECURITY | 21 +++++++++++++++++++++ meta-arago-distro/SECURITY | 21 +++++++++++++++++++++ meta-arago-extras/SECURITY | 21 +++++++++++++++++++++ meta-arago-test/SECURITY | 21 +++++++++++++++++++++ 4 files changed, 84 insertions(+) create mode 100644 meta-arago-demos/SECURITY create mode 100644 meta-arago-distro/SECURITY create mode 100644 meta-arago-extras/SECURITY create mode 100644 meta-arago-test/SECURITY