Establish processes for security issue reporting, evaluation, fix release

Open guydc opened this issue 1 year ago • 3 comments

Description: Projects like Envoy proxy have a robust process for vulnerability management, outlined here.

Envoy Gateway should establish similar processes, communication channels, responsibilities, SLOs, etc.

Additionally, Envoy Gateway security representatives should strive to join the Envoy Proxy private distributor list, to ensure early disclosure of vulnerabilities and proper preparation for fix releases.

guydc avatar Mar 14 '24 22:03 guydc

This issue has been automatically marked as stale because it has not had activity in the last 30 days.

github-actions[bot] avatar Apr 14 '24 04:04 github-actions[bot]

This issue has been automatically marked as stale because it has not had activity in the last 30 days.

github-actions[bot] avatar Jun 22 '24 04:06 github-actions[bot]

This issue has been automatically marked as stale because it has not had activity in the last 30 days.

github-actions[bot] avatar Aug 22 '24 16:08 github-actions[bot]

This issue has been automatically marked as stale because it has not had activity in the last 30 days.

github-actions[bot] avatar Dec 22 '24 04:12 github-actions[bot]

added an initial policy to start off with https://github.com/envoyproxy/gateway/pull/5167

arkodg avatar Jan 28 '25 00:01 arkodg

This issue has been automatically marked as stale because it has not had activity in the last 30 days.

github-actions[bot] avatar Feb 27 '25 04:02 github-actions[bot]