SVG:Reporters View
Main page | Software Security Checklist | Issue Handling | Advisories | Notes On Risk | Advisory Template | More |
Reporters View
Reporters View and Responsibilities
This describes the reporters view and responsibilities.
What to do if you find a Software Vulnerability in the EGI infrastructure
You should follow the approved EGI Software Vulnerability Issue Handling Process
DO NOT discuss on a mailing list - especially one with an open subsription policy or public archive
DO NOT post information on a web page
DO NOT publicise in any way - e.g. to the media
IMMEDIATELY Report it to report-vulnerability (at) egi.eu
If you have accidentally released information publicly
Let us know, and try and get it removed, e.g. if you have put details on a public web page - please delete it.
Help and co-operate with the investigation
It is often extremely helpful if the person who finds a vulnerability is able to assist with the investigation. This is not mandatory.
The reporter receives information
The SVG will let you know reporter know the outcome of the investigation and risk assessment, including the risk category and Target Date for resolution. You will receive a copy of the advisory, if one is issued.
| Issue Handling Summary |
Reporters |
SVG View |
Software Providers |
EGI MW Unit |
Deployment |
Notes on Risk |