Publish CSAF continuously as feed

stackabletech / issues

This repository is only for issues that concern multiple repositories or don't fit into any specific repository

2 stars 0 forks source link

Publish CSAF continuously as feed #592

Closed dervoeti closed 2 months ago

dervoeti commented 5 months ago

### Tasks
- [x] Create Github Action to publish a CSAF document for specific vulnerabilities
- [x] Sign and hash CSAF documents
- [x] Add legal disclaimer to CSAF documents
- [x] Add security contact
- [x] Get the document and file structure verified

dervoeti commented 4 months ago

Mostly done, waiting for review from our contacts at BSI, they might find some more things to improve.

dervoeti commented 3 months ago

Got a list of things to fix / improve, I'm working on it, will be reviewed again by the end of next week

dervoeti commented 2 months ago

Feedback is implemented, CSAF VEX statements will be published here: https://advisories.stackable.tech/ via a Github Action.