From: Mark Wielaard <mark@klomp.org>
To: overseers@sourceware.org
Cc: gcc@gcc.gnu.org, binutils@sourceware.org,
libc-alpha@sourceware.org, gdb@sourceware.org
Subject: Sourceware Cyber Security FAQ
Date: Wed, 27 Nov 2024 17:35:00 +0100
Message-ID: <5f6e7deb0c8c38dabb02bd38eb3efba1eb65807c.camel@klomp.org>
Hi all,
After lots of discussions at some of our Open Office hours, at the
Cauldron, with other Software Freedom organizations and some of our
hardware and services providers we now have a Sourceware Cyber Security
FAQ explaining topics like the "US Improving the Nation's Cybersecurity
Executive Order 14028", "EU Cyber Resilience Act (EU CRA)" and "Secure
Software Development Framework (NIST SP 800-218)".
https://sourceware.org/cyber-security-faq.html
We would like to extend this with some recommended practices for
projects to adopt. Although it is clear that these regulations are
mainly aimed at commercial entities, who bear the brunt of these
requirements, we believe this is an opportunity for projects to get
more (corporate) contributions since these guidelines and requirements
strongly suggest/mandate to make all their work public and contribute
(security issues) back upstream. So any policies documenting how to
clearly report issues and documenting the contributing and release
practices should be helpful.
Please let us know if you have any questions or suggestions.
Cheers,
Mark Wielaard
(for the Sourceware PLC)
https://sourceware.org/mission.html#plc