Kamailio SIP Server Wiki

User Tools

Site Tools

Trace: pseudovariables pseudovariables new-in-4.4.x core
security:policy

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revisionPrevious revision
security:policy [2020/09/03 07:05] – clarifications about security publish process henningwsecurity:policy [2020/09/03 07:07] (current) henningw
Line 22: Line 22:
 === Publishing security vulnerabilities === === Publishing security vulnerabilities ===
  
-Kamailio will publish security vulnerabilities, including an CVE ID, on the kamailio-business mailing list, sr-dev, sr-users as well as related lists. The advisories will also be published on the kamailio.org web site. This will be done for vulnerabilities that have a higher severity, that means having a higher impact as decided from the Kamailio Security Team.+Kamailio will publish security vulnerabilities, including an CVE ID, on the kamailio-business mailing list, sr-dev, sr-users as well as related lists. The advisories will also be published on the kamailio.org web site. This will be done for vulnerabilities that have a higher severity, that means having a big enough impact as decided from the Kamailio Security Team.
  
 CVE entries should be created for critical vulnerabilities in the core and major modules, for rarely used modules this is not necessary. If there are several security issues together in one release, they should be announced together.  CVE entries should be created for critical vulnerabilities in the core and major modules, for rarely used modules this is not necessary. If there are several security issues together in one release, they should be announced together. 
security/policy.1599116753.txt.gz · Last modified: 2020/09/03 07:05 by henningw
Donate Powered by PHP Valid HTML5 Valid CSS Driven by DokuWiki