Commit 33eae334 authored by Dmitriy Zaporozhets's avatar Dmitriy Zaporozhets

Merge branch 'full-post-to-oss-security' of /home/git/repositories/gitlab/gitlabhq

parents 6cc3cc51 6413bfb5
...@@ -26,10 +26,10 @@ Please report suspected security vulnerabilities in private to support@gitlab.co ...@@ -26,10 +26,10 @@ Please report suspected security vulnerabilities in private to support@gitlab.co
1. Send out an email to the subscribers mailing list on MailChimp 1. Send out an email to the subscribers mailing list on MailChimp
1. Send out an email to [the community google mailing list](https://groups.google.com/forum/#!forum/gitlabhq) 1. Send out an email to [the community google mailing list](https://groups.google.com/forum/#!forum/gitlabhq)
1. Send out an email to [the GitLab newsletter list](http://gitlab.us5.list-manage.com/subscribe?u=498dccd07cf3e9482bee33ba4&id=98a9a4992c) 1. Send out an email to [the GitLab newsletter list](http://gitlab.us5.list-manage.com/subscribe?u=498dccd07cf3e9482bee33ba4&id=98a9a4992c)
1. Post a signed copy of our announcement to [oss-security](http://www.openwall.com/lists/oss-security/) and request a CVE number 1. Post a signed copy of our complete announcement to [oss-security](http://www.openwall.com/lists/oss-security/) and request a CVE number
1. Add the security researcher to the [Security Researcher Acknowledgments list](http://www.gitlab.com/vulnerability-acknowledgements/) 1. Add the security researcher to the [Security Researcher Acknowledgments list](http://www.gitlab.com/vulnerability-acknowledgements/)
1. Thank the security researcher in an email for their cooperation 1. Thank the security researcher in an email for their cooperation
1. Update the blogposts when we receive the CVE number 1. Update the blogpost and the CHANGELOG when we receive the CVE number
The timing of the code merge into master should be coordinated in advance. The timing of the code merge into master should be coordinated in advance.
After the merge we strive to publish the announcements within 60 minutes. After the merge we strive to publish the announcements within 60 minutes.
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment