Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 578
Alerts This Week
Warning Icon 1 578

OpenSSL Yearly Review: Evolving Vulnerability Management Strategies

General Esm H446
Over the last 10 years, OpenSSL has published advisories on over 100 vulnerabilities. Many more were likely silently fixed in the early days, but in the past year our goal has been to establish a clear public record. In September 2014, the team adopted a security policy that defines how we handle vulnerability reports. One year later, I Our policy divides vulnerabilities into three categories, and defines actions for each category: we use the severity ranking to balance the need to get the fix out fast with the burden release upgrades put on our consumers.

The link for this article located at OpenSSL Team is no longer available.