linux/ohmyzsh
1
0
Fork 0
mirror of https://github.com/ohmyzsh/ohmyzsh.git synced 2026-01-30 02:44:42 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions

Fix formatting

Browse source
This commit is contained in:
Marc Cornellà 2025-07-01 17:56:43 +02:00
commit 0181f6d5d7
No known key found for this signature in database
GPG key ID: 0314585E776A9C1B
1 changed files with 11 additions and 10 deletions
Download patch file Download diff file Expand all files Collapse all files

5
.github/INCIDENT_RESPONSE_PLAN.md vendored
View file

@ -43,7 +43,7 @@ Assess using the *CIA* triad:
- **Integrity**: affects the integrity of the system (deletion, corruption or encryption of data, OS file corruption, etc.). - **Integrity**: affects the integrity of the system (deletion, corruption or encryption of data, OS file corruption, etc.).
- **Availability**: denial of login, deletion of required files to boot / login, etc. - **Availability**: denial of login, deletion of required files to boot / login, etc.
1. What's the exploitability of the vulnerability? 5. What's the exploitability of the vulnerability?
Consider how easy it is to exploit, and if it affects all users or requires specific configurations. Consider how easy it is to exploit, and if it affects all users or requires specific configurations.
@ -67,7 +67,8 @@ Assess upstream or downstream contacts, and their desired channels of security.
- **Primary focus:** removing possibility of exploitation fast. - **Primary focus:** removing possibility of exploitation fast.
- **Secondary focus:** addressing the root cause. - **Secondary focus:** addressing the root cause.
> [!IMPORTANT] Make sure to test that the mitigation works as expected, and does not introduce new vulnerabilities. > [!IMPORTANT]
> Make sure to test that the mitigation works as expected, and does not introduce new vulnerabilities.
> When deploying a patch, make sure not to disclose the vulnerability in the commit message or PR description. > When deploying a patch, make sure not to disclose the vulnerability in the commit message or PR description.
> TODO: introduce a fast-track update process for security patches. > TODO: introduce a fast-track update process for security patches.