The OpenSSF Vulnerability Disclosures Working Group seeks to help improve the overall security of the open source software ecosystem by helping mature and advocate well-managed vulnerability reporting and communication.
Please hold off on merging this until it can be discussed by the Vuln Disclosures WG and the CVE Outreach and Community WG (meets next Wednesday, Sept 27th).
cc-ing the reviewers on the Google doc draft: @SecurityCRob @kurtseifried @andrewpollock @zmanion @Cyber-JiuJiteria
Authored from this draft: https://docs.google.com/document/d/1jo5van4ryPDOd0O7njzqyCBDq0NG-Z-sK2v-l9z7R2s
Please hold off on merging this until it can be discussed by the Vuln Disclosures WG and the CVE Outreach and Community WG (meets next Wednesday, Sept 27th).
cc-ing the reviewers on the Google doc draft: @SecurityCRob @kurtseifried @andrewpollock @zmanion @Cyber-JiuJiteria