Kubernetes Security Release Process and Security Committee documentation.
To report a vulnerability, please refer to https://kubernetes.io/security.
The Security Response Committee (SRC) is responsible for triaging and handling the security issues for Kubernetes. Following are the current Security Response Committee members:
- CJ Cullen (@cjcullen)
<[email protected]> - Craig Ingram (@cji)
<[email protected]> - Joel Smith (@joelsmith)
<[email protected]>[4096R/0x1688ADC79BECDDAF] - Micah Hausler (@micahhausler)
<[email protected]> - Mo Khan (@enj)
<[email protected]> - Rita Zhang (@ritazh)
[email protected] - Sri Saran Balaji (@SaranBalaji90)
<[email protected]> - Tabitha Sable (@tabbysable)
<[email protected]>
There are a number of contact points for the SRC and release managers in charge of security releases. Please use the correct forum for the best and fastest response.
| List or Group | Visibility | Uses |
|---|---|---|
| [email protected] | Private | Kubernetes security disclosures. This list is closely monitored and triaged by the SRC. See the disclosure guide for full details. |
| kubernetes-security-discuss Google Group | Public | Discussion about security disclosure handling, this document, and other updates. |
| [email protected] | Private | Release Managers private discussion. All members are subscribed to [email protected]. |
| [email protected] | Private | SRC private discussion. All members are subscribed to [email protected] |
Learn how to engage with the Kubernetes community on the community page.
Participation in the Kubernetes community is governed by the Kubernetes Code of Conduct.