Stream: wasmtime

Topic: New RFC: What is vs. is not considered a security bug?


view this post on Zulip fitzgen (he/him) (Sep 28 2023 at 20:33):

https://github.com/bytecodealliance/rfcs/pull/32

Wasmtime has documented processes for reporting, responding to, patching, and disclosing security vulnerabilities. However, the Wasmtime project does not currently define which kinds of bugs are and are not considered security vulnerabilities. This RFC aims to reach consensus on that definition.

Particularly interested in getting feedback from Wasmtime embedders!

Wasmtime has documented processes for reporting, responding to, patching, and disclosing security vulnerabilities. However, the Wasmtime project does not currently define which kinds of bugs are an...

view this post on Zulip Chris Fallin (Sep 28 2023 at 20:34):

Thanks for putting this together -- the table is nice and comprehensive, on first skim!


Last updated: Dec 23 2024 at 14:03 UTC