diff options
Diffstat (limited to 'doc/security/index.rst')
| -rw-r--r-- | doc/security/index.rst | 44 |
1 files changed, 44 insertions, 0 deletions
diff --git a/doc/security/index.rst b/doc/security/index.rst new file mode 100644 index 000000000..682d73d24 --- /dev/null +++ b/doc/security/index.rst @@ -0,0 +1,44 @@ +:orphan: + +========== + Security +========== + +.. toctree:: + :maxdepth: 1 + + Past Vulnerabilities / CVEs <cves> + Vulnerability Management Process <process> + +Reporting a vulnerability +========================= + +To report a vulnerability, please send email to `security@ceph.io +<security@ceph.io>`_. + +* Please do not file a public ceph tracker issue for a vulnerability. +* We urge reporters to provide as much information as is practicable + (a reproducer, versions affected, fix if available, etc.), as this + can speed up the process considerably. +* Please let us know to whom credit should be given and with what + affiliations. +* If this issue is not yet disclosed publicly and you have any + disclosure date in mind, please share the same along with the + report. + +Although you are not required to, you may encrypt your message using +the following GPG key: + +**6EEF26FFD4093B99: Ceph Security Team (security@ceph.io)** + +| **Download:** `MIT PGP Public Key Server <https://pgp.mit.edu/pks/lookup?op=vindex&search=0x6EEF26FFD4093B99>`_ +| **Fingerprint:** A527 D019 21F9 7178 C232 66C1 6EEF 26FF D409 3B99 + + +Supported versions +================== + +Security updates are applied only to the current `Active Releases`_. + + +.. _Active Releases: https://docs.ceph.com/en/latest/releases/#active-releases |