-
Task
-
Resolution: Fixed
-
L3 - Default
-
None
-
None
- Make "Security" a top-level section of the docs (last entry in the section list)
- Create subsections "Security Policy", "Operating Camunda Securely", "Report a Vulnerability", "Security Notices",
- "Security Policy" remains as is; add more details to the sub section https://docs.camunda.org/manual/7.10/user-guide/security/#security-issue-management outlining how we deal with issues, when we make announcements, etc.
- "Report a vulnerability" links to JIRA, explains how to submit a vulnerability and links/describes how we treat the issue
- "Announced Vulnerabilties" gets content from https://docs.camunda.org/enterprise/security-notices/
- "Operating Camunda Securely" links to user guide
- Redirects from https://docs.camunda.org/enterprise/security-notices/ and https://docs.camunda.org/manual/7.10/user-guide/security to the new sections (or links in HTML)
This is the controller panel for Smart Panels app
[CAM-9912] I can read how to submit a vulnerability report
thorben.lindhauer I noticed that you did not add this to older versions of the Optimize docs and also not to the Cawemo docs. The latter I resolved since I assume it was an oversight and the Cawemo docs are not really live anyways but what is the rationale for (not) "backporting" this to older versions of e.g. the Optimize/CamBPM docs?
christian.nicolai, for the CamBPM docs I chose to stop at 7.8 since that was the oldest support version at the time. Optimize slipped through, we should add it to all versions there. See CAM-10493.
Result is at https://docs.camunda.org/security/