envoyproxy / java-control-plane

Java implementation of an Envoy gRPC control plane
Apache License 2.0
293 stars 136 forks source link

Security Policy violation SECURITY.md #174

Closed allstar-app[bot] closed 3 years ago

allstar-app[bot] commented 3 years ago

Security Policy SECURITY.md is out of compliance, status: SECURITY.md not found. Go to https://github.com/envoyproxy/java-control-plane/security/policy to enable.

Issue created by Allstar. https://github.com/ossf/allstar

allstar-app[bot] commented 3 years ago

Updating issue after ping interval, status: SECURITY.md not found. Go to https://github.com/envoyproxy/java-control-plane/security/policy to enable.

allstar-app[bot] commented 3 years ago

Updating issue after ping interval, status: SECURITY.md not found. Go to https://github.com/envoyproxy/java-control-plane/security/policy to enable.

allstar-app[bot] commented 3 years ago

Updating issue after ping interval, status: SECURITY.md not found. Go to https://github.com/envoyproxy/java-control-plane/security/policy to enable.

allstar-app[bot] commented 3 years ago

Updating issue after ping interval, status: SECURITY.md not found. Go to https://github.com/envoyproxy/java-control-plane/security/policy to enable.

allstar-app[bot] commented 3 years ago

Updating issue after ping interval, status: SECURITY.md not found. Go to https://github.com/envoyproxy/java-control-plane/security/policy to enable.

allstar-app[bot] commented 3 years ago

Updating issue after ping interval, status: SECURITY.md not found. Go to https://github.com/envoyproxy/java-control-plane/security/policy to enable.

allstar-app[bot] commented 3 years ago

Updating issue after ping interval, status: SECURITY.md not found. Go to https://github.com/envoyproxy/java-control-plane/security/policy to enable.

allstar-app[bot] commented 3 years ago

Updating issue after ping interval, status: SECURITY.md not found. Go to https://github.com/envoyproxy/java-control-plane/security/policy to enable.

allstar-app[bot] commented 3 years ago

Updating issue after ping interval, status: SECURITY.md not found. Go to https://github.com/envoyproxy/java-control-plane/security/policy to enable.

snowp commented 3 years ago

This one is a bit tricky since jcp has yet to release a major version, so the idea of back porting security fixes doesn't make a whole lot of sense. Would it be sufficient to just spell this out?

@mattklein123 @asraa @jeffmendoza

jeffmendoza commented 3 years ago

The important thing here are instructions / process for reporting a security vulnerability.

Supported versions / back-porting is more informational.

asraa commented 3 years ago

We should probably just link to envoy-security email list for private disclosures then Likely not much will result in a CVE on this front anyway?

allstar-app[bot] commented 3 years ago

Updating issue after ping interval, status: SECURITY.md not found. Go to https://github.com/envoyproxy/java-control-plane/security/policy to enable.

allstar-app[bot] commented 3 years ago

Updating issue after ping interval, status: SECURITY.md not found. Go to https://github.com/envoyproxy/java-control-plane/security/policy to enable.

allstar-app[bot] commented 3 years ago

Updating issue after ping interval, status: SECURITY.md not found. Go to https://github.com/envoyproxy/java-control-plane/security/policy to enable.

allstar-app[bot] commented 3 years ago

Updating issue after ping interval, status: SECURITY.md not found. Go to https://github.com/envoyproxy/java-control-plane/security/policy to enable.

allstar-app[bot] commented 3 years ago

Updating issue after ping interval, status: SECURITY.md not found. Go to https://github.com/envoyproxy/java-control-plane/security/policy to enable.

allstar-app[bot] commented 3 years ago

Updating issue after ping interval, status: SECURITY.md not found. Go to https://github.com/envoyproxy/java-control-plane/security/policy to enable.

allstar-app[bot] commented 3 years ago

Updating issue after ping interval, status: SECURITY.md not found. Go to https://github.com/envoyproxy/java-control-plane/security/policy to enable.

allstar-app[bot] commented 3 years ago

Updating issue after ping interval, status: SECURITY.md not found. Go to https://github.com/envoyproxy/java-control-plane/security/policy to enable.

allstar-app[bot] commented 3 years ago

Updating issue after ping interval, status: SECURITY.md not found. Go to https://github.com/envoyproxy/java-control-plane/security/policy to enable.

allstar-app[bot] commented 3 years ago

Updating issue after ping interval, status: SECURITY.md not found. Go to https://github.com/envoyproxy/java-control-plane/security/policy to enable.

allstar-app[bot] commented 3 years ago

Updating issue after ping interval, status: SECURITY.md not found. Go to https://github.com/envoyproxy/java-control-plane/security/policy to enable.

allstar-app[bot] commented 3 years ago

Updating issue after ping interval, status: SECURITY.md not found. Go to https://github.com/envoyproxy/java-control-plane/security/policy to enable.

allstar-app[bot] commented 3 years ago

Updating issue after ping interval, status: SECURITY.md not found. Go to https://github.com/envoyproxy/java-control-plane/security/policy to enable.

allstar-app[bot] commented 3 years ago

Updating issue after ping interval, status: SECURITY.md not found. Go to https://github.com/envoyproxy/java-control-plane/security/policy to enable.

allstar-app[bot] commented 3 years ago

Updating issue after ping interval, status: SECURITY.md not found. Go to https://github.com/envoyproxy/java-control-plane/security/policy to enable.

allstar-app[bot] commented 3 years ago

Updating issue after ping interval, status: SECURITY.md not found. Go to https://github.com/envoyproxy/java-control-plane/security/policy to enable.

allstar-app[bot] commented 3 years ago

Updating issue after ping interval, status: SECURITY.md not found. Go to https://github.com/envoyproxy/java-control-plane/security/policy to enable.

allstar-app[bot] commented 3 years ago

In compliance, closing.