-
Notifications
You must be signed in to change notification settings - Fork 65
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Update security-release-process.md
with ref to security-release-team@ email
#63
Comments
/cc @justaugustus |
Corresponding releng tracking issue: kubernetes/sig-release#896 |
/assign |
Issues go stale after 90d of inactivity. If this issue is safe to close now please do so with Send feedback to sig-testing, kubernetes/test-infra and/or fejta. |
Stale issues rot after 30d of inactivity. If this issue is safe to close now please do so with Send feedback to sig-testing, kubernetes/test-infra and/or fejta. |
Rotten issues close after 30d of inactivity. Send feedback to sig-testing, kubernetes/test-infra and/or fejta. |
@fejta-bot: Closing this issue. In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
/remove-lifecycle rotten This needs some input from @kubernetes/product-security-committee. |
@justaugustus: Reopened this issue. In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
/assign @saschagrunert |
Hey @kubernetes/product-security-committee 👋, do you think you can provide the required information how to move forward with this topic? |
/assign |
@lukehinds thank you for picking this up! Can we provide anything from the SIG release perspective to support you? |
Hey @lukehinds, may I ask you about an update on this? |
|
Tim is reviewing #129, so: |
We now split-up the deliverables to reflect the state better (WIP vs TODO). This also means that we outline if no enhancement is available for a certain item. We also move "Distribute the load of Kubernetes artifacts between vendors (Consumable)" to done since this is mostly in the scope of K8S infra now and we supported the initial phase. We also move "Simplify CVE process for release management (Secure)" to done because there is just a single PR in the scope of Security Response Committee which has to be merged: kubernetes/committee-security-response#63 Signed-off-by: Sascha Grunert <[email protected]>
We now split-up the deliverables to reflect the state better (WIP vs TODO). This also means that we outline if no enhancement is available for a certain item. We also move "Distribute the load of Kubernetes artifacts between vendors (Consumable)" to done since this is mostly in the scope of K8S infra now and we supported the initial phase. We also move "Simplify CVE process for release management (Secure)" to done because there is just a single PR in the scope of Security Response Committee which has to be merged: kubernetes/committee-security-response#63 Signed-off-by: Sascha Grunert <[email protected]>
We now split-up the deliverables to reflect the state better (WIP vs TODO). This also means that we outline if no enhancement is available for a certain item. We also move "Distribute the load of Kubernetes artifacts between vendors (Consumable)" to done since this is mostly in the scope of K8S infra now and we supported the initial phase. We also move "Simplify CVE process for release management (Secure)" to done because there is just a single PR in the scope of Security Response Committee which has to be merged: kubernetes/committee-security-response#63 Signed-off-by: Sascha Grunert <[email protected]>
Previously release-managers-private@ was nested within security@.
As of kubernetes/sig-release#900, there will be a separate security-release-team@ email address.
The
security/security-release-process.md
document should outline the new security-release-team@ email address and how this address should be used when wanting to bring the security release team into a discussion and allow release coordination of a security fix.The text was updated successfully, but these errors were encountered: