From 076f4f53d35b55cd98af8e7460675f95d5761188 Mon Sep 17 00:00:00 2001 From: shiyaobin Date: Wed, 15 Jun 2022 16:51:47 +0800 Subject: [PATCH] migrate security-committee info from website Signed-off-by: shiyaobin --- sig/security-committee/README.en.md | 37 +++++++++++++++++++++++++ sig/security-committee/README.md | 40 ++++++++++++++++++++++++++++ sig/security-committee/sig-info.yaml | 17 ++++++++++++ 3 files changed, 94 insertions(+) create mode 100644 sig/security-committee/README.en.md create mode 100644 sig/security-committee/README.md create mode 100644 sig/security-committee/sig-info.yaml diff --git a/sig/security-committee/README.en.md b/sig/security-committee/README.en.md new file mode 100644 index 0000000000..a2df90dce2 --- /dev/null +++ b/sig/security-committee/README.en.md @@ -0,0 +1,37 @@ +## SIG Home +https://openanolis.cn/sig/security-committee + +## SIG Mission +Dedicated to solve vulnerability identification, mining, reporting, responding, fixing and security preaching. + +# Main Resposibility +- Vulnerability identification: discussing vulnerability identification technology, developing and introducing tools to help developers to avoid involving vulnerabilities to software. +- Vulnerability mining: discussing vulnerability mining technology, developing and introducing tools to mine vulnerability as soon as possible. +- Vulnerability responding: tracking the progress of security issues, following the security issues disclosure strategy to disclose and announce vulnerabilities +- Vulnerability fixing: timely fixing known vulnerabilities, notifying users to update their systems timely. +- Others: Centos security taking up communication and implementation. + +## Members +| Member | Role | +| ------------ | ------------ | +| larryshi | maintainer | +| uos_caopeiqing | maintainer | +| shiloong | maintainer | +| swordantcs | contributor | +| yunqi-zwt | contributor | +| yunye-ry | contributor | +| yongchao | contributor | + +## SIG Repositories + +## Mail +| Mail| Usage | +| ------------ | ------------ | +| security@openanolis.org | To report vulnerabilities for OpenAnolis projects | +| ansa-announce@lists.openanolis.cn | To subscribe security advisory announcementi for OpenAnolis projects | + +## Meetings +Schedule meetings biweekly via dingding video meeting. + +## Chat GROUP +dingding Chat ID: 33311793 diff --git a/sig/security-committee/README.md b/sig/security-committee/README.md new file mode 100644 index 0000000000..a29d715315 --- /dev/null +++ b/sig/security-committee/README.md @@ -0,0 +1,40 @@ +## SIG主页 +https://openanolis.cn/sig/security-committee + +## SIG目标 +及时发现并修复Anolis 中存在的安全漏洞,为Anolis 用户和开发者提供最安全的产品和开发环境。 + +## 主要职责 +- 漏洞识别:漏洞识别技术交流,开发和引入工具来帮助开发人员避免软件引入安全漏洞。 +- 漏洞挖掘:漏洞挖掘技术的交流,开发和引入漏洞挖掘工具进行主动漏洞挖掘。 +- 响应安全问题:响应上报的安全问题,跟踪安全问题的处理进展,并遵循安全问题披露策略对安全问题在社区内进行披露和公告。 +- 漏洞修复:讨论漏洞修复方案,确保及时修复漏洞,公告用户及时更新。 +- 安全布道:普及安全知识,回答开发和使用anolis过程中遇到的安全问题。 +- 其它安全问题:Centos 安全接管交流和实现等。 + +## 成员列表 +| 成员| 角色 | +| ------------ | ------------ | +| larryshi | maintainer | +| uos_caopeiqing | maintainer | +| shiloong | maintainer | +| swordantcs | contributor | +| yunqi-zwt | contributor | +| yunye-ry | contributor | +| yongchao | contributor | + +## SIG 仓库 +Source code repositories: + +## 邮箱 +| 邮箱 | 用途 | +| ------------ | ------------ | +| security@openanolis.org | Anolis安全漏洞上报,上报详细信息请参考安全漏洞上报和披露流程 | +| ansa-announce@lists.openanolis.cn | 发布安全公告,欢迎订阅。| + +## 小组例会 +双周二下午4:00~5:00,通过dingding视频会议召开 + +## 钉钉群 +欢迎使用钉钉群讨论问题,钉钉群号:33311793 + diff --git a/sig/security-committee/sig-info.yaml b/sig/security-committee/sig-info.yaml new file mode 100644 index 0000000000..6bb20f0dd0 --- /dev/null +++ b/sig/security-committee/sig-info.yaml @@ -0,0 +1,17 @@ +name: Security-Committee +show_name: 安全委员会 +description: 致力于安全问题识别,挖掘,报告,响应,修复,布道, 以及其它用户遇到的安全问题的解决方案。 +mailing_list: ansa-announce@lists.openanolis.cn +meeting_url: https://etherpad.openanolis.cn/p/security-committee +maintainers: +- openanolis_id: larryshi + gitee_id: shiyaobin + organization: AlibabaCloud +- openanolis_id: uos_caopeiqing + gitee_id: hustcao4 + organization: Uniontech +- openanolis_id: shiloong + gitee_id: shiloong + organization: AlibabaCloud +repositories: +- repo: -- Gitee