ApacheCon is Coming 9-12 Sept. 2019 - Las Vegas The Apache Software Foundation
Apache 20th Anniversary Logo

Community-led development "The Apache Way"

Apache Support Logo

2012奥运会男足球直播:The Apache Security Team

The Apache Security Team exists to provide help and advice to Apache projects on security issues and to provide co-ordination of the handling of security vulnerabilities.

Reporting a vulnerability

We strongly encourage the reporting of potential security vulnerabilities to one of our private security mailing lists first, before disclosing them in a public forum.

A list of security contacts for Apache projects is available. If you can't find a project specific security e-mail address and you have an undisclosed security vulnerability to report then please use the general security address below.

Please note that the security contacts should only be used for reporting undisclosed security vulnerabilities in Apache projects and managing the process of fixing such vulnerabilities. We cannot accept regular bug reports or other security related queries at these addresses. All mail sent to these addresses that does not relate to an undisclosed security problem in an Apache project will be ignored.

Also note that the security team handles vulnerabilities in Apache projects, not running ASF services. All reports of vulnerabilities in ASF services should be sent to [email protected] only.

The general security mailing list address is: [email protected]. This is a private mailing list.

Please send one plain-text email for each vulnerability you are reporting. We may ask you to resubmit your report if you send it as an image, movie, HTML, or PDF attachment when it could just as easily be described with plain text.

Encrypted submissions are not required or preferred as it will take us much longer to respond to these reports. There is no team key for [email protected] instead you can use the OpenPGP keys of the following subset of members of the Apache Security Team. Note that this is not a complete list of Apache Security Team members and that you should not contact these members individually about security issues.

The public keys for all of the above can also be obtained in a single file.

Vulnerability Information

Information on the published vulnerabilities for an Apache project can usually be found on the project's web pages. For convenience a list of security information pages for Apache projects is available. If you can't find the information you are looking for on the project's web site, you should ask your question on the project's user mailing list. The security contacts should not be used to ask questions about :

The relevant project's users list is the place to ask such questions. Any such questions sent to the Apache Security Team or to a project security team will be ignored.

Vulnerability handling

An overview of the vulnerability handling process is:

A more detailed description of the process has been written for committers. Reporters of security vulnerabilities may also find it useful.

{ganrao} 山西11选5任选八遗漏 彩票快乐10分开奖 河北快3跨度综合走势 十字星的各种组合图解 快乐双彩中几个好得奖 安徽股票配资网 内蒙11选5任五遗漏 免费一码大公开 福建31选7开奖 辽宁十一选五定牛走势图 昨天青海快三走势图 天津时时彩彩开奖直播 黑龙江11远5一定牛走势图 河南福彩快三最近100期 吉林11选五号码预测推荐 保定哪期货配资做得好