quarkus icon indicating copy to clipboard operation
quarkus copied to clipboard

Published 20 hours ago verified publisher icon quarkusio

Add a security vulnerabilities page on quarkus website

Open maxandersen opened this issue 3 years ago • 2 comments

Discussed in https://github.com/quarkusio/quarkus/discussions/27026

Originally posted by farnulfo July 29, 2022 Hi, On quarkus blog we can see release with security fixes like https://quarkus.io/blog/quarkus-2-10-3-final-released/ . But I missed a permanent security section with quarkus releases about security. Apache tomcat security vulnerabilities for a major version like https://tomcat.apache.org/security-9.html is really a great model that I would like to have for quarkus.

What do you think ?

maxandersen avatar Aug 04 '22 07:08 maxandersen

/cc @sberyozkin

quarkus-bot[bot] avatar Aug 04 '22 07:08 quarkus-bot[bot]

It would be nice if it could be done as part of the release process somehow, where we can have resolved non-embargoed CVEs listed

sberyozkin avatar Aug 08 '22 09:08 sberyozkin