[PATCH v1 0/1] Define security policy in SECURITY.md file for repository


Kun Qin
 

This change added a markdown file as a policy guideline for Tianocore EDK2
community to handle security sensitive reports.

Patch v1 branch: https://github.com/kuqin12/edk2/tree/patch-1

Cc: Andrew Fish <afish@...>
Cc: Leif Lindholm <quic_llindhol@...>
Cc: Michael D Kinney <michael.d.kinney@...>
Cc: Miki Demeter <miki.demeter@...>
Cc: Sean Brogan <sean.brogan@...>

Sean Brogan (1):
Define security policy in SECURITY.md file for repository

SECURITY.md | 33 ++++++++++++++++++++
1 file changed, 33 insertions(+)
create mode 100644 SECURITY.md

--
2.37.1.windows.1


Demeter, Miki
 

Ack

 

Need to get this acked by others in infosec too

 

 

-- 

Miki Demeter (she/her/Miki)

Security Researcher / FW Developer

FST

Intel Corporation

 

Co-Chair, Network of Intel African-Ancestry(NIA) - Oregon

NIA-Oregon

 

Portland Women in Tech Best Speaker

miki.demeter@...

503.712.8030 (office)

971.248.0123 (cell)

 

 

From: Kun Qin <kuqin12@...>
Date: Thursday, March 9, 2023 at 1:44 PM
To: devel@edk2.groups.io <devel@edk2.groups.io>
Cc: Andrew Fish <afish@...>, Leif Lindholm <quic_llindhol@...>, Kinney, Michael D <michael.d.kinney@...>, Demeter, Miki <miki.demeter@...>, Sean Brogan <sean.brogan@...>
Subject: [PATCH v1 0/1] Define security policy in SECURITY.md file for repository

This change added a markdown file as a policy guideline for Tianocore EDK2
community to handle security sensitive reports.

Patch v1 branch: https://github.com/kuqin12/edk2/tree/patch-1

Cc: Andrew Fish <afish@...>
Cc: Leif Lindholm <quic_llindhol@...>
Cc: Michael D Kinney <michael.d.kinney@...>
Cc: Miki Demeter <miki.demeter@...>
Cc: Sean Brogan <sean.brogan@...>

Sean Brogan (1):
  Define security policy in SECURITY.md file for repository

 SECURITY.md | 33 ++++++++++++++++++++
 1 file changed, 33 insertions(+)
 create mode 100644 SECURITY.md

--
2.37.1.windows.1


Kevin@Insyde
 

Reviewed-by: Kevin D Davis <kevin.davis@insyde.com>

Kevin
Insyde Software

On Mar 27, 2023, at 5:26 PM, Demeter, Miki via groups.io <miki.demeter@...> wrote:



Ack

 

Need to get this acked by others in infosec too

 

 

-- 

Miki Demeter (she/her/Miki)

Security Researcher / FW Developer

FST

Intel Corporation

 

Co-Chair, Network of Intel African-Ancestry(NIA) - Oregon

NIA-Oregon

 

Portland Women in Tech Best Speaker

miki.demeter@...

503.712.8030 (office)

971.248.0123 (cell)

 

 

From: Kun Qin <kuqin12@...>
Date: Thursday, March 9, 2023 at 1:44 PM
To: devel@edk2.groups.io <devel@edk2.groups.io>
Cc: Andrew Fish <afish@...>, Leif Lindholm <quic_llindhol@...>, Kinney, Michael D <michael.d.kinney@...>, Demeter, Miki <miki.demeter@...>, Sean Brogan <sean.brogan@...>
Subject: [PATCH v1 0/1] Define security policy in SECURITY.md file for repository

This change added a markdown file as a policy guideline for Tianocore EDK2
community to handle security sensitive reports.

Patch v1 branch: https://github.com/kuqin12/edk2/tree/patch-1

Cc: Andrew Fish <afish@...>
Cc: Leif Lindholm <quic_llindhol@...>
Cc: Michael D Kinney <michael.d.kinney@...>
Cc: Miki Demeter <miki.demeter@...>
Cc: Sean Brogan <sean.brogan@...>

Sean Brogan (1):
  Define security policy in SECURITY.md file for repository

 SECURITY.md | 33 ++++++++++++++++++++
 1 file changed, 33 insertions(+)
 create mode 100644 SECURITY.md

--
2.37.1.windows.1


Leif Lindholm
 

On 2023-03-09 19:43, Kun Qin wrote:
This change added a markdown file as a policy guideline for Tianocore EDK2
community to handle security sensitive reports.
Patch v1 branch: https://github.com/kuqin12/edk2/tree/patch-1
Cc: Andrew Fish <afish@...>
Cc: Leif Lindholm <quic_llindhol@...>
Cc: Michael D Kinney <michael.d.kinney@...>
Cc: Miki Demeter <miki.demeter@...>
Cc: Sean Brogan <sean.brogan@...>
Sean Brogan (1):
Define security policy in SECURITY.md file for repository
SECURITY.md | 33 ++++++++++++++++++++
1 file changed, 33 insertions(+)
create mode 100644 SECURITY.md
Nitpick: edk2 is alternaltingly capitalised or not in the readme.
But

Reviewed-by: Leif Lindholm <quic_llindhol@...>