From f5e4e4b322403083703fe42ee90a13dd697c15f6 Mon Sep 17 00:00:00 2001 From: Artem Kopotev Date: Wed, 12 Feb 2025 14:46:45 +0000 Subject: [PATCH] lsc23: Added vulnerability report guidance Guidance that points to the Arm Developer website and explains whom to contact. Signed-off-by: Artem Kopotev --- totalcompute/lsc23/vulnerability_report.rst | 27 +++++++++++++++++++++ 1 file changed, 27 insertions(+) create mode 100644 totalcompute/lsc23/vulnerability_report.rst diff --git a/totalcompute/lsc23/vulnerability_report.rst b/totalcompute/lsc23/vulnerability_report.rst new file mode 100644 index 0000000..7e3aaa4 --- /dev/null +++ b/totalcompute/lsc23/vulnerability_report.rst @@ -0,0 +1,27 @@ +.. _docs/totalcompute/lsc23/security: + +Report Security Vulnerability +============================= + +Total Compute/Large Screen Compute reference design software solutions are +example software projects containing downstream versions of open source +components. Although the components in these solutions track their upstream +versions, users of these solutions are responsible for ensuring that, if +necessary, these components are updated before use to ensure they contain +any new functional or security fixes that may be required. + +If you think you have found a security vulnerability in a specific open source +project which is part of the software stack, it is recommended to follow the +vulnerability reporting guidelines specified by the respective project. + +If you think you have found a security vulnerability as part of the Large Screen +Compute Design platform software stack and does not fall into any specific open +source project, then please report by email at psirt@arm.com specifying the project +name as “Large Screen Compute Reference Design Platform Software”. +More details can be found at `Arm Developer website`_. + +-------------- + +*Copyright (c) 2025, Arm Limited. All rights reserved.* + +.. _Arm Developer website: https://developer.arm.com/support/arm-security-updates/report-security-vulnerabilities -- GitLab