tonyair
/
silverstripe-framework
mirror of https://github.com/silverstripe/silverstripe-framework
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

DOC Clarify the security pre-announcement mailing list usage

This commit is contained in:
Serge Latyntcev 2020-09-10 13:13:55 +12:00
parent 2753f823ee
commit a5c1a86dcb
1 changed files with 5 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
docs/en/05_Contributing/04_Release_Process.md
View File

@ -255,7 +255,7 @@ See [Silverstripe CMS Core Release Process](making_a_silverstripe_core_release).
### Pre-announcement mailing list
In addition to our public disclosure process, we maintain a private mailing list where upcoming
"high" or "critical" security releases are pre-announced.
"high" and "critical" security releases are pre-announced.
Members of this list will receive a security pre-announcement, as soon as it has been
sufficiently researched, with a timeline for the upcoming release.
This will happen a few days before the announcement goes public alongside a new release,
@ -270,6 +270,10 @@ You dont need to be a client of Silverstripe Ltd to get on board,
but we will need to perform some low-touch background checks to verify your identity.
Please contact [security@silverstripe.org](mailto:security@silverstripe.org) for details.
Only "high" and "critical" issues are pre-announced via the mailing list. If you want
to know about all the minor security mitigations, keep an eye on the ["releases" forum category](https://forum.silverstripe.org/c/releases),
changelogs and the website section [Security Releases](https://www.silverstripe.org/download/security-releases/).
## Quality Assurance and Testing