Security

From Lustre Wiki
Revision as of 21:09, 8 February 2024 by Adilger (talk | contribs) (minor edits)
Jump to navigation Jump to search

If you have details of a suspected security vulnerability in Lustre code that you wish to report then please email us at [email protected] with the details.

Please do not file a public JIRA issue for a security vulnerability - we do not want to draw attention to the vulnerability until a fix has been developed and administrators have been alerted and have had some time to put a mitigation in place.

Ideally the reporting email should have as much detail as possible:

  • reproducer, versions affected, fix if available, etc.
  • indicate to whom (individual and/or affiliation) that credit for finding the issue should be reported
  • details of any CVE already reserved
  • your intentions around disclosing the details of the vulnerability

We aim to respond to any such reports within three business days of receipt.

Retrieved from "http://wiki.lustre.org/index.php?title=Security&oldid=4764"