gRFC P4: Define gRPC's CVE process

220 views

Skip to first unread message

Kailash Sethuraman

unread,

Apr 9, 2019, 6:03:11 PM4/9/19

to grpc.io

Hi Everyone,

We have a gRFC out for a formal process to file, triage and address vulnerabilities in gRPC.

It is heavily adopted and influenced by similar processes that are in place for other Cloud Native Computing Foundation (CNCF) projects such as Kubernetes and Envoy.

Please review, and provide feedback and comments!

Proposal PR: https://github.com/grpc/proposal/pull/138

Thanks,

Kailash

Reply all

Reply to author

Forward

0 new messages