[openstack-dev] [kolla][security] Obtaining the vulnerability:managed tag
me at coolsvap.net
Wed Mar 2 04:11:25 UTC 2016
On Tue, Mar 1, 2016 at 10:25 PM, Steven Dake (stdake) <stdake at cisco.com> wrote:
> Core reviewers,
> Please review this document:
> It describes how vulnerability management is handled at a high level for
> Kolla. When we are ready, I want the kolla delivery repos vulnerabilities
> to be managed by the VMT team. By doing this, we standardize with other
> OpenStack processes for handling security vulnerabilities.
> The first step is to form a kolla-coresec team, and create a separate
> kolla-coresec tracker. I have already created the tracker for kolla-coresec
> and the kolla-coresec team in launchpad:
> I have a history of security expertise, and the PTL needs to be on the team
> as an escalation point as described in the VMT tagging document above. I
> also need 2-3 more volunteers to join the team. You can read the
> requirements of the job duties in the vulnerability:managed tag.
> If your interested in joining the VMT team, please respond on this thread.
> If there are more then 4 individuals interested in joining this team, I will
> form the team from the most active members based upon liberty + mitaka
> commits, reviews, and PDE spent.
> OpenStack Development Mailing List (not for usage questions)
> Unsubscribe: OpenStack-dev-request at lists.openstack.org?subject:unsubscribe
I am interested in security. I would .like to be a part of it.
More information about the OpenStack-dev