Grid Security Vulnerability Group Issue Handling
This describes how we handle issues in the GSVG
Issue Submission
Issues may be submitted by anyone, either by e-mail to project-egee2-grid-vulnerability-report@cern.ch (for short grid-vulnerability-report@cern.ch) or by entering an issue in the Grid Vulnerability Savannah
Risk Assessment
After the issue has been submitted a Risk Assessment is carried out by the Risk Assessment Team (RAT), and a Target Date (TD) is set for fixing the issue.
Fixing the issue
After the risk assessment the Issue is assigned to the development cluster responsible for that particular piece of middleware.
Later
An advisory is issued when the problem is fixed or on the Target Date, whichever is the sooner. These are placed on the advisories web page. We now have approval of our process, so this can begin. When the issue is fixed the advisory is referred to in the release notes.
More details
We also provide a more detailed summary of the vulnerability procedure and a detailed pdf document describing the Vulnerability Process . This detailed document also describes the duties of various people within the GSVG.
| back to GSVG home |
Last modified Wed 18 July 2007 . View page history
Switch to HTTPS . Website Help . Print View . Built with GridSite 1.4.3