Ansible-collection-for-fos is a new and growing community of volunteers and users. The ansible-collection-for-fos community has adopted this security disclosure and response policy to ensure we responsibly handle critical issues.
Security vulnerabilities should be handled quickly and sometimes privately. The primary goal of this process is to reduce the total time users are vulnerable to publicly known exploits.
If you find a security vulnerability or any security related issues, please do not create a public issue. Instead, send your report to fj-lsoft-fosci@dl.jp.fujitsu.com. Please provide as much information as possible, so we can react quickly.
If you know of a publicly disclosed security vulnerability please IMMEDIATELY email fj-lsoft-fosci@dl.jp.fujitsu.com so that we may start the patch and release. Please provide as much information as possible, so we can react quickly.
When a vulnerability comes in and is acknowledged, a team - including maintainers of the ansible-collection-for-fos project affected - will assembled to patch the vulnerability, release an update, and publish the vulnerability disclosure.