Closed ribose-jeffreylau closed 9 months ago
URL: https://open.ribose.com/cve-policy/
Currently, it includes content from the disclosure policy from Ribose SaaS. What needs to be done is to have only CVE disclosure policy for open source projects.
Here is a guide that we can probably reference with regards to setting up the policy:
https://github.com/ossf/oss-vulnerability-guide/blob/main/maintainer-guide.md#set-up-the-vulnerability-management-infrastructure
cc: @ronaldtse
URL: https://open.ribose.com/cve-policy/
Currently, it includes content from the disclosure policy from Ribose SaaS. What needs to be done is to have only CVE disclosure policy for open source projects.
Here is a guide that we can probably reference with regards to setting up the policy:
https://github.com/ossf/oss-vulnerability-guide/blob/main/maintainer-guide.md#set-up-the-vulnerability-management-infrastructure
cc: @ronaldtse