General Fink security policy for accepted packages.
This document explains security incident handling for packages that have been accepted by Fink. While the main responsibility for every accepted package in Fink remains with the respective maintainer, Fink recognizes the necessity to offer a uniform policy on how to react to security incidents found in software which are offered as Fink packages. Every package maintainer is required to comply with it.
- 1 Responsibility
- 2 Response times and immediate actions.
- 3 Incident Sources
- 4 Security update procedure.
- 5 Sending notifications