[prev in list] [next in list] [prev in thread] [next in thread] 

List:       kde-commits
Subject:    www/sites/www/info/security
From:       Albert Astals Cid <aacid () kde ! org>
Date:       2016-07-31 22:35:45
Message-ID: E1bTzKj-0006HD-44 () code ! kde ! org
[Download RAW message or body]

SVN commit 1466077 by aacid:

Redirect to the wiki

CCMAIL: security@kde.org


 M  +2 -43     policy.php  


--- trunk/www/sites/www/info/security/policy.php #1466076:1466077
@@ -1,45 +1,4 @@
 <?php
-  $page_title = "KDE Security Policy";
-  $site_root = "../../";
-  include "header.inc";
+header("Location: https://community.kde.org/Policies/Security_Policy");
+die();
 ?>
-
-<p>
-This policy describes how security related issues are handled after they have
-been reported to <a \
href="&#109;a&#105;lt&#111;&#58;&#115;ecu&#114;ity&#64;&#107;de&#46;o&#114;g">se&#99;u&#114;&#105;t&#121;&#64;kde&#46;&#111;&#114;g</a>.
                
-</p>
-<p>
-Issues that are brought to the attention of <a \
href="ma&#105;l&#116;&#111;&#58;&#115;&#101;c&#117;&#114;&#105;&#116;&#121;&#64;&#107; \
de.&#111;&#114;g">&#115;&#101;&#99;&#117;&#114;&#105;ty&#64;k&#100;&#101;&#46;&#111;&#114;g</a> \
                are handled
-discreetly. The issue will be verified and the author/maintainer of the
-affected code will usually be contacted. If the issue is indeed considered to
-be a problem the need for an immediate fix is assessed. The security team
-will also notify affected parties which are known to reuse the affected code.
-</p>
-<p>
-If an immediate fix is not considered necessary a security alert is issued via
-<a href="http://www.securityfocus.com/archive/1">BugTraq</a> and <a \
href="http://mail.kde.org/mailman/listinfo/kde-announce">kde-ann&#111;&#117;n&#99;e&#64;k&#100;&#101;&#46;&#111;r&#103;</a> \
                and will usually be fixed in the next released version of the \
                software.
-</p>
-<p>
-If an immediate fix is considered necessary, KDE release coordinators are contacted \
                and
-KDE vendor packagers, Linux distributors and other prenotification mailing lists
-are informed once a fix is available that has passed review on <a \
href="ma&#105;&#108;to&#58;s&#101;&#99;&#117;&#114;&#105;t&#121;&#64;&#107;&#100;&#101;.&#111;r&#103;">s&#101;&#99;u&#114;ity&#64;k&#100;&#101;.&#111;rg</a>.
                
-We then give them a reasonable amount of
-time to prepare binary packages. After that time we issue a security alert
-via BugTraq and kde-&#97;nno&#117;&#110;&#99;&#101;&#64;kde&#46;o&#114;&#103;. \
                Patches in source form and
-any available updated binaries are published at the same time.
-</p>
-<p>
-All security alerts are published on <a \
                href="http://www.kde.org/info/security/">http://www.kde.org/info/security/</a>.
                
-</p>
-<p>
-KDE developers that want to join <a \
href="m&#97;&#105;l&#116;&#111;:sec&#117;r&#105;&#116;y&#64;kde.o&#114;&#103;">&#115;&#101;cu&#114;i&#116;&#121;&#64;&#107;&#100;&#101;.org</a> \
                can send a request
-to <a href="&#109;a&#105;&#108;&#116;&#111;:&#115;&#101;c&#117;r&#105;&#116;&#121;&#6 \
4;&#107;d&#101;&#46;&#111;rg">s&#101;cu&#114;ity&#64;k&#100;&#101;&#46;&#111;rg</a>. \
                Applications will be evaluated on a case by case basis by
-the current members. The main criteria is the extent to which someone can be
-helpful in excuting the security policy as described here. That includes a
-willingness not to disclose issues prematurely.
-</p>
-
-<!-- END CONTENT -->
-<?php
-  include "footer.inc";
-?>


[prev in list] [next in list] [prev in thread] [next in thread]