tonyair/silverstripe-framework
1
0
Fork 0
mirror of https://github.com/silverstripe/silverstripe-framework synced 2024-10-22 12:05:37 +00:00
Code Issues Projects Releases Wiki Activity

DOCS Further wording changes to pre announce release docs

Browse Source
This commit is contained in:
Ingo Schommer 2018-12-19 09:41:44 +13:00
parent 828c43fa0b
commit 8b601b8ecc
1 changed files with 12 additions and 10 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

22
docs/en/05_Contributing/04_Release_Process.md
View File

@ -191,20 +191,22 @@ Follow these instructions in sequence as much as possible:
### Pre-announcement mailing list
In addition to our public disclosure process, we maintain a private mailinglist
where upcoming security releases are pre-announced. Members of this list will receive a security
pre-announcement as soon as it has been sufficiently researched,
with a timeline for the upcoming release. This will happen a few days before
the announcement goes public alongside new release, and most likely before a patch has been developed.
In addition to our public disclosure process, we maintain a private mailing list where upcoming security releases
are pre-announced. Members of this list will receive a security pre-announcement, as soon as it has been
sufficiently researched, with a timeline for the upcoming release.
This will happen a few days before the announcement goes public alongside a new release,
and most likely before a patch has been developed.
Since well distribute sensitive information on unpatched vulnerabilities in this list,
the selection criteria for joining naturally has to be strict.
Applicants should provide references within the community,
as well as a demonstrated need for this level of information (e.g. involvement with a large website with sensitive customer data).
Since well distribute sensitive information on unpatched vulnerabilities in this list,
the selection criteria for joining naturally has to be strict.
Applicants should provide references within the community,
as well as a demonstrated need for this level of information
(e.g. involvement with a large website with sensitive customer data).
You dont need to be a client of SilverStripe Ltd to get on board,
but we will need to perform some low-touch background checks to verify your identity.
but we will need to perform some low-touch background checks to verify your identity.
Please contact security@silverstripe.org for details.
## Quality Assurance and Testing
The quality of our software is important to us, and we continously test it for regressions