We forgot to tell anyone that we were publishing security notices online at https://security.libvirt.org Signed-off-by: Daniel P. Berrangé <berrange@xxxxxxxxxx> --- docs/securityprocess.html.in | 20 +++++++++++++------- 1 file changed, 13 insertions(+), 7 deletions(-) diff --git a/docs/securityprocess.html.in b/docs/securityprocess.html.in index 2bab07bf39..adf30259b0 100644 --- a/docs/securityprocess.html.in +++ b/docs/securityprocess.html.in @@ -37,6 +37,19 @@ moderator and the reporter copied on any replies. </p> + <h2><a id="secnotice">Security notices</a></h2> + + <p> + Information for all historical security issues is maintained in + machine parsable format in the + <a href="https://libvirt.org/git/?p=libvirt-security-notice.git;a=log">libvirt-security-notice GIT repository</a> and + <a href="https://security.libvirt.org">published online</a> + in text, HTML and XML formats. Security notices are published + on the <a href="https://libvirt.org/contact.html#email">libvirt-announce mailing list</a> + when any embargo is lifted, or as soon as triaged if already + public knowledge. + </p> + <h2><a id="seclist">Security team</a></h2> <p> @@ -102,12 +115,5 @@ will be responsible for backporting the officially published fixes to other release branches where applicable. </p> - - <h2><a id="notification">Notification of issues</a></h2> - - <p> - When an embargo expires, security issues will be announced on both - the libvirt development and announcement <a href="https://libvirt.org/contact.html#email">mailing lists</a>. - </p> </body> </html> -- 2.14.3 -- libvir-list mailing list libvir-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/libvir-list