zookeeper-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From f..@apache.org
Subject svn commit: r1726522 - in /zookeeper/site/trunk: content/security.textile templates/sidenav.textile
Date Sun, 24 Jan 2016 17:57:52 GMT
Author: fpj
Date: Sun Jan 24 17:57:52 2016
New Revision: 1726522

URL: http://svn.apache.org/viewvc?rev=1726522&view=rev
Log:
Adding security page.


Added:
    zookeeper/site/trunk/content/security.textile
Modified:
    zookeeper/site/trunk/templates/sidenav.textile

Added: zookeeper/site/trunk/content/security.textile
URL: http://svn.apache.org/viewvc/zookeeper/site/trunk/content/security.textile?rev=1726522&view=auto
==============================================================================
--- zookeeper/site/trunk/content/security.textile (added)
+++ zookeeper/site/trunk/content/security.textile Sun Jan 24 17:57:52 2016
@@ -0,0 +1,37 @@
+Title:     Security
+Notice:    Licensed to the Apache Software Foundation (ASF) under one
+           or more contributor license agreements.  See the NOTICE file
+           distributed with this work for additional information
+           regarding copyright ownership.  The ASF licenses this file
+           to you under the Apache License, Version 2.0 (the
+           "License"); you may not use this file except in compliance
+           with the License.  You may obtain a copy of the License at
+           .
+             http://www.apache.org/licenses/LICENSE-2.0
+           .
+           Unless required by applicable law or agreed to in writing,
+           software distributed under the License is distributed on an
+           "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+           KIND, either express or implied.  See the License for the
+           specific language governing permissions and limitations
+           under the License.
+
+h1. ZooKeeper Security
+
+The Apache Software Foundation takes security issues very seriously. Due to the infrastructure
+nature of the Apache ZooKeeper project specifically, we haven't had many reports over time,
but
+it doesn't mean that we haven't had concerns over some bugs and vulnerabilities. If you have
any
+concern or believe you have uncovered a vulnerability, we suggest that you get in touch via
the
+e-mail address <a href="mailto:security@zookeeper.apache.org?Subject=[SECURITY] My security
issue"
+target="_top">security@zookeeper.apache.org</a>. In the message, try to provide
a description of the
+issue and ideally a way of reproducing it. 
+
+The ASF Security team maintains a page with a description of how vulnerabilities are handled,

+check their <a href="http://www.apache.org/security/">Web page</a>). You may
alternatively contact
+them first the report your potential vulnerability on
+<a href="mailto:security@apache.org" target="_top">security@apache.org</a>. Note
that both security
+addressed should be used only for undisclosed vulnerabilities. Dealing with fixed issues
should 
+be handled regularly via the user and the dev lists.
+
+_Please report any security problems to either the project security address or to the ASF
security
+team before disclosing it publicly._
\ No newline at end of file

Modified: zookeeper/site/trunk/templates/sidenav.textile
URL: http://svn.apache.org/viewvc/zookeeper/site/trunk/templates/sidenav.textile?rev=1726522&r1=1726521&r2=1726522&view=diff
==============================================================================
--- zookeeper/site/trunk/templates/sidenav.textile (original)
+++ zookeeper/site/trunk/templates/sidenav.textile Sun Jan 24 17:57:52 2016
@@ -8,7 +8,7 @@ h3. Project
 * "License":http://www.apache.org/licenses/
 * "Privacy Policy":./privacy.html
 * "Sponsorship":http://www.apache.org/foundation/sponsorship.html
-* "Security":http://www.apache.org/security/
+* "Security":./security.html
 * "Thanks":http://www.apache.org/foundation/thanks.html
 
 h3. Subprojects



Mime
View raw message