janhoy commented on issue #4: SOLR-13910 Add security pages news feeds for solr, core, and tlp URL: https://github.com/apache/lucene-site/pull/4#issuecomment-552670342 I think we won't need security news for TLP or "core/java", since we have never felt the need to file a CVE until now. So let's just start with Solr and then add others if future need. The Solr Security page should ideally contain some introduction about how to report a security issue (secur...@lucene.apache.org), link to the Confluence page discussing known false XSS issues that they don't need to report, and then below that the list of announcements. [Elastic's security page](https://www.elastic.co/community/security) could perhaps give some inspiration. Is it possible to introduce custom properties in each post, so we could have e.g. `CVEnum: 2019-xyz` on top of every announcement and could then render the announcements as a table?
---------------------------------------------------------------- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: us...@infra.apache.org With regards, Apache Git Services --------------------------------------------------------------------- To unsubscribe, e-mail: issues-unsubscr...@lucene.apache.org For additional commands, e-mail: issues-h...@lucene.apache.org
