search

oasis-tcs / openeox

OASIS OpenEoX TC: The purpose of this repository is to support version control for Work Product artifacts developed by members of the OASIS OpenEoX TC, including prose specification editing and secondary artifacts like meeting minutes, productivity code, etc.
Other
8 stars 5 forks source link

End-of-Security Vulnerability Support #32

Open santosomar opened 2 weeks ago

santosomar commented 2 weeks ago

This is a follow up of https://github.com/oasis-tcs/openeox/pull/13

Let's define each element and work on their definitions in separate GitHub issues. This issue will focus on defining:

End-of-Security Vulnerability Support

santosomar commented 2 weeks ago

Potential Definition

End-of-Security Vulnerability Support (EOSVS) marks the date when a vendor or maintainer ceases to provide updates and patches to address security vulnerabilities for a particular software or hardware product. After this date, any new security flaws discovered will not be officially fixed. EOSVS is a critical milestone in the product lifecycle, as it signals to users the need to upgrade or replace their products to maintain security compliance and protect against potential cyber threats.

Example:

Consider a software application called "SecureApp" developed by TechSoft. TechSoft has announced that the End-of-Security Vulnerability Support for SecureApp version 4.0 will be on December 31, 2024. After this date, TechSoft will no longer release security patches for any vulnerabilities discovered in version 4.0. Users of SecureApp 4.0 are advised to upgrade to the latest version, SecureApp 5.0, which will continue to receive security updates and support.