Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.


Info
The processes defined are

ONAP Vulnerability Management and the onap-security mail alias are only to report issues against the ONAP

platform itself, not the supporting infrastructure that is used by this opensource community.

software itself.  It is NOT to be used for any issues related to tools and infrastructure (DNS, email, web, etc.) 

  • If you would like to report a vulnerability against general project infrastructure (such as DNS, web or email services), please go to http://support.linuxfoundation.org/ → Project Services → Infrastructure Operations and file a bug.
  • The ONAP Project does not pay bug bounties.

...

Vulnerability Management Process Overview

Image Added

Vulnerability Management Process

...