From c2538a65f4ad58c2016e65069ae991cd2fae04a2 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Maciek=20Go=C5=82aszewski?= Date: Thu, 21 Nov 2024 13:20:24 +0100 Subject: [PATCH] Create SECURITY.md (#13) This pr adds security.md and introduces a policy enabling users to report security issues. --- CODEOWNERS | 1 + SECURITY.md | 15 +++++++++++++++ 2 files changed, 16 insertions(+) create mode 100644 CODEOWNERS create mode 100644 SECURITY.md diff --git a/CODEOWNERS b/CODEOWNERS new file mode 100644 index 0000000..370b7d8 --- /dev/null +++ b/CODEOWNERS @@ -0,0 +1 @@ +* @canonical/kubernetes diff --git a/SECURITY.md b/SECURITY.md new file mode 100644 index 0000000..19daa67 --- /dev/null +++ b/SECURITY.md @@ -0,0 +1,15 @@ +# Security Policy + +## Reporting a Vulnerability + +To report a security issue, please follow the steps below: + +Using GitHub, file a [Private Security Report](https://github.com/canonical/cilium-rocks/security/advisories/new) with: +- A description of the issue +- Steps to reproduce the issue +- Affected versions of the `cilium-rocks` package +- Any known mitigations for the issue + +The [Ubuntu Security disclosure and embargo policy](https://ubuntu.com/security/disclosure-policy) contains more information about what to expect during this process and our requirements for responsible disclosure. + +Thank you for contributing to the security and integrity of the `cilium-rocks`!