kevgliss
commit
26d490f74a
|
|
@ -136,7 +136,7 @@ Lemur has discovered certificates from a third party source. This is also a defa
|
|||
administer Lemur.
|
||||
|
||||
In addition to creating a new user, Lemur also creates a few default email notifications. These notifications are based
|
||||
on a few configuration options such as `LEMUR_SECURITY_TEAM_EMAIL`. They basically guarantee that every cerificate within
|
||||
on a few configuration options such as `LEMUR_SECURITY_TEAM_EMAIL`. They basically guarantee that every ceritificate within
|
||||
Lemur will send one expiration notification to the security team.
|
||||
|
||||
Additional notifications can be created through the UI or API.
|
||||
|
|
|
|||
|
|
@ -44,7 +44,7 @@ containing:
|
|||
new releases, and publicly disclose the issue.
|
||||
|
||||
Simultaneously, the reporter of the issue will receive notification of the date
|
||||
on which we plan to take the issue public.
|
||||
on which we plan to make the issue public.
|
||||
|
||||
On the day of disclosure, we will take the following steps:
|
||||
|
||||
|
|
@ -59,7 +59,7 @@ known exploit in the wild, for example – the time between advance notification
|
|||
and public disclosure may be shortened considerably.
|
||||
|
||||
The list of people and organizations who receives advanced notification of
|
||||
security issues is not and will not be made public. This list generally
|
||||
security issues is not, and will not, be made public. This list generally
|
||||
consists of high profile downstream distributors and is entirely at the
|
||||
discretion of the ``lemur`` team.
|
||||
|
||||
|
|
|
|||
Loading…
Reference in New Issue