Jump to: navigation, search

Security:Main

Reporting security issues

Please report any security issues you find in OpenDaylight to: security@lists.opendaylight.org

Anyone can post to this list. The subscribers are only trusted individuals who will handle the resolution of any reported security issues in confidence. In your report, please note how you would like to be credited for discovering the issue and the details of any embargo you would like to impose.

The OpenDaylight vulnerability management process is documented here.

Security Response Team

At the December, 18th 2014 TSC meeting, the TSC approved the first security response team including:

  • Chris Wright
  • Robert Varga
  • Ed Warnicke
  • David Jorm
  • Kurt Seifried
  • Ryan Goulding

This can be reached at the above private security mailing list.

Security advisories

The security advisories page lists all security vulnerabilities fixed in OpenDaylight.

Secure engineering

An effort is currently underway to bootstrap a pro-active secure engineering effort, similar to OpenStack's OSSG. A presentation on the secure engineering vision for OpenDaylight is available here. If you are interested in assisting with this effort, please see the summer internship project proposal.

Other Documents