Fluid Project Security Policy
The Fluid community has a closed-membership security working group who are available to respond to possible security issues, consisting of a small group of committers to Fluid-related projects.
Any suspected security vulnerabilities can be reported privately by email to firstname.lastname@example.org. These messages will be forwarded to members of the security working group, who are responsible for working with contributors with relevant expertise and the reporter to address the issue in a timely manner.
Once an issue has been fixed and appropriate patches applied, public announcements will be made at an appropriate time to the email@example.com mailing list. For less severe security concerns, patches will be committed to the source code repository with nondescript log messages.
Current Security Working Group Members
- Antranig Basman
- Simon Bates
- Colin Clark
- Michelle D'Souza
- Alan Harnum
- Cindy Li