[sr-dev] Security incident management
Olle E. Johansson
oej at edvina.net
Fri Jan 8 09:36:15 CET 2010
Friends,
I know that the number of security reports for SER and Kamailio are very low, in fact so low that I can't remember any. However, it can still happen to us in the future. Do we have any policies and procedure for how to handle it?
Yes, this is being negative, but also realistic. It's not only about our own code, we depend on a large number of external libraries that could release security reports that will affect our user base too, and propably should be forwarded.
Any thoughts?
/O
More information about the sr-dev
mailing list