Difference between revisions of "SVG:SVG View"
(Created page with '{{svg-header}} == Software Vulnerability Group (SVG) view and responsibilities concerning issue handling == The vulnerability issue handling process is mostly carried out by th…') |
|||
Line 8: | Line 8: | ||
It is the SVG's responsibility to setup and maintain the infrastructure needed to carry out the software vulnerability issue handling. This includes the mailing list for resporting issues, mailing list for the RAT to investigate and assess issues, this wiki and the mechanism for distributing advisories. (Note that these will be on sites hosted by EGI). It also involves ensuring that contact details for various software providers are at hand and readily available. | It is the SVG's responsibility to setup and maintain the infrastructure needed to carry out the software vulnerability issue handling. This includes the mailing list for resporting issues, mailing list for the RAT to investigate and assess issues, this wiki and the mechanism for distributing advisories. (Note that these will be on sites hosted by EGI). It also involves ensuring that contact details for various software providers are at hand and readily available. | ||
== Provide a rota for working days == | |||
SVG will try and ensure that at least 1 RAT member is available on all working days. Note that the SVG does not guarantee cover on all working days, but aims to do so. | |||
== Handle issues reported == | |||
Issues will be handled according to the PEB approved Software Vulnerability Group issue handling | |||
process, which is described in the | |||
This this includes: | |||
{{svg-issue-views}} | {{svg-issue-views}} |
Revision as of 16:01, 15 October 2010
Main page | Software Security Checklist | Issue Handling | Advisories | Notes On Risk | Advisory Template | More |
SVG View
Software Vulnerability Group (SVG) view and responsibilities concerning issue handling
The vulnerability issue handling process is mostly carried out by the SVG Risk Assessment Team or RAT.
Setup and maintain infrastructure
It is the SVG's responsibility to setup and maintain the infrastructure needed to carry out the software vulnerability issue handling. This includes the mailing list for resporting issues, mailing list for the RAT to investigate and assess issues, this wiki and the mechanism for distributing advisories. (Note that these will be on sites hosted by EGI). It also involves ensuring that contact details for various software providers are at hand and readily available.
Provide a rota for working days
SVG will try and ensure that at least 1 RAT member is available on all working days. Note that the SVG does not guarantee cover on all working days, but aims to do so.
Handle issues reported
Issues will be handled according to the PEB approved Software Vulnerability Group issue handling process, which is described in the
This this includes:
| Issue Handling Summary | Reporters | SVG View | Software Providers | EGI MW Unit | Deployment | Notes on Risk |