Latest revision as of 15:54, 21 October 2021

Reporters View

@@ Line 1: / Line 1: @@
 {{svg-header}}
-==Reporters View and Responsibilities==
+{{DeprecatedAndMovedTo|new_location=https://confluence.egi.eu/display/EGIBG/SVG+Reporters+View}}
-This describes the reporters view and responsibilities.
-== What to do if you find a Software Vulnerability in the EGI infrastructure ==
-You should follow the approved [https://documents.egi.eu/document/717  EGI Software Vulnerability Issue Handling Process ]   [https://documents.egi.eu/public/RetrieveFile?docid=47&version=11&filename=EGI-MS405-SVG-47-V12.pdf pdf-file]
-'''DO NOT''' discuss on a mailing list - especially one with an open subsription policy or public archive
-'''DO NOT''' post information on a web page
-'''DO NOT''' publicise in any way - e.g. to the media
-'''IMMEDIATELY Report it to report-vulnerability (at) egi.eu'''
-== If you have accidentally released information publicly ==
-Let us know, and try and get it removed, e.g. if you have put details on a public web page - please delete it.
-== Help and co-operate with the investigation ==
-It is often extremely helpful if the person who finds a vulnerability is able to assist with the investigation. This is not mandatory.
-== The reporter receives information ==
-The SVG will let you know reporter know the outcome of the investigation and risk assessment, including the risk category and Target Date for resolution.  You will receive a copy of the advisory, if one is issued.
 {{svg-issue-views}}