SVG:RAT Issue Handling Instructions
Main page | Software Security Checklist | Issue Handling | Advisories | Notes On Risk | Advisory Template | More |
RAT Issue Handling Instructions
This page is intended for RAT members to provide a summary of what to do when a software vulnerability has been reported. It is intended as a practical summary, to help the RAT carry out the process. Note that this is a first draft, and will probably change/improve as we follow the process.
The full process is described in the Software Vulnerability Isssue handling process document
Also note that common sense may be used - as not all issues are straight forward. The most important thing to remember is not to release information publicly that may be useful to an attacker.
Enter into the Tracker
If it has not been reported via the Tracker
Acknowlege the Reporter
Let the reporter know that a real person is aware that the vulnerability has been reported. This can be done using the template ReporterAfterReport cc the Rat.
| Issue Handling Summary |
Reporters |
SVG View |
Software Providers |
EGI MW Unit |
Deployment |
Notes on Risk |