[vpp-dev] Call for volunteers for Security Response Team

Edward Warnicke


Thank you for volunteering :)

Everyone else,

This email got lost in getting to the other mailers in the community, so I've added them back, anyone else volunteer?


On Mon, May 23, 2016 at 3:26 PM, Jim Thompson <jim@...> wrote:
I do this for pfsense, and would be glad to help. 

On Monday, May 23, 2016, Edward Warnicke <hagbard@...> wrote:
As fd.io grows and matures, we realize it is important to establish a vulnerability management process and a security team to define and execute it. We're looking for a small group of security-minded people who can form this team. Responsibilities will include:

* Reading and triaging incoming reports of security issues
* Producing patches for security issues as a top priority
* Maintaining confidentiality of security issues until they are patched and publicly disclosed
* Writing advisories to communicate information about security issues and patches to the community

We have David Jorm, an experienced security engineer, onboard to lead the team and define the process, so don't worry if you aren't a security expert. Anyone who is an active fd.io developer or other contributor would be welcome to join the team. If you are interested, please let the TSC know.