Hi Ke,

For reporting vulnerability in components included in ODH please open an issue at the component github (or follow any other guidelines they have)  and point to it in another issue you open in ODH. For any OCP security issues please follow Red Hat guidelines listed here: https://access.redhat.com/security/team/contact

Juana

On Thu, Aug 13, 2020 at 2:05 PM Ke Zhu - kzhu@us.ibm.com <kzhu@us.ibm.com> wrote:
I’m interested in adopting OpenDataHub for curious on methods/tool/process on vulnerabilities detection/remediation/fixes for included components.

For example, given several Apache components in a deployed OpenDataHub including Airflow, Hive and Spark, if any high severity vulnerabilities are discovered  in libraries like JDK or nmm modules used by Airflow, what’s the suggested action? Or it can be included into the cloud platform like OpenShift?_______________________________________________
Users mailing list -- users@lists.opendatahub.io
To unsubscribe send an email to users-leave@lists.opendatahub.io