From 6fc87ab8f0a8622f96dd35e277117dd3ac338fdd Mon Sep 17 00:00:00 2001 From: Krzysztof Opasiak Date: Wed, 3 Jul 2019 23:56:00 +0200 Subject: Add a section and page on vulnerability management Prepare to import vulnerability management process from wiki and create a short section on the process and referenca a place-holder page where the process will be imported. Issue-ID: SECCOM-246 Change-Id: I796e085a8f0e098f69ca0f9cc0f97fb90fffe23e Signed-off-by: Krzysztof Opasiak --- docs/index.rst | 11 +++++++++++ docs/process.rst | 13 +++++++++++++ 2 files changed, 24 insertions(+) create mode 100644 docs/process.rst diff --git a/docs/index.rst b/docs/index.rst index db3a876..a516e33 100644 --- a/docs/index.rst +++ b/docs/index.rst @@ -9,10 +9,21 @@ ONAP Security .. toctree:: :maxdepth: 1 + :hidden: + ONAP Security + process + +Reporting Vulnerabilities +------------------------- + +If you discovered a potential vulnerability in ONAP we kindly ask you to report it to us as soon as possible. +You can do this by creating a ticket in `OJSI jira `_ project. +To get more details about our vulnerability management process or learn about alternative communication channels please refer to :ref:`vm-process`. ONAP Security Advisories (OSA) ------------------------------ + You can find the complete list of published advisories here: .. toctree:: diff --git a/docs/process.rst b/docs/process.rst new file mode 100644 index 0000000..84586ad --- /dev/null +++ b/docs/process.rst @@ -0,0 +1,13 @@ +.. This work is licensed under a Creative Commons Attribution 4.0 International License. +.. http://creativecommons.org/licenses/by/4.0 +.. Strongly based on Open Stack Vulnerability Management Process +.. which is copyrighted to OpenStack Foundation +.. Copyright 2019 Samsung Electronics +.. _vm-process: + +============================= +ONAP Vulnerability Management +============================= + +.. toctree:: + :maxdepth: 1 -- cgit 1.2.3-korg