Security release process description (#1861)

* - enhance README to include security release process compatible wiht k8s * - second version of Security release process, including "Collaborating Projects" * - reformulate the security release process within a separated doc. * - add following comment from Sec Team .part 1 * - refactored with comments from Security IB - refactored considering the same existing document in another CNCF project (envoy) * - adjust seucrity of README to point the new security process page * - revert change on FOSSA * - fix comments from John. * - removing the todos (I pushed them on the description of the PR) * - define the PST members in OWNER file * - fix from review - add a cahpter for mailing list presentation * - point the PST members in OWNER file * - register PST under name 'security' in OWNER file - early announce will be on coredns-distributors-announce@googlegroup.com - remove hall of fame reference * - remove list of security team members from owner file. mailing list of security@coredns.io will be the reference
2025-10-26 15:54:16 -04:00 · 2018-10-21 13:25:22 -04:00
parent 4b1b0ec9e6
commit fdb31a27f3
2 changed files with 191 additions and 0 deletions
--- a/README.md
+++ b/README.md
@@ -208,3 +208,5 @@ repository](https://github.com/coredns/deployment).
 If you find a security vulnerability or any security related issues, please DO NOT file a public
 issue, instead send your report privately to `security@coredns.io`. Security reports are greatly
 appreciated and we will publicly thank you for it.
+
+Please consult [security vulnerability disclosures and security fix and release process document](https://github.com/coredns/coredns/SECURITY-RELEASE-PROCESS.md)