kubernetes/docs/reporting-security-issues.md

<!-- BEGIN MUNGE: UNVERSIONED_WARNING -->

<!-- BEGIN STRIP_FOR_RELEASE -->

<img src="http://kubernetes.io/kubernetes/img/warning.png" alt="WARNING"
     width="25" height="25">
<img src="http://kubernetes.io/kubernetes/img/warning.png" alt="WARNING"
     width="25" height="25">
<img src="http://kubernetes.io/kubernetes/img/warning.png" alt="WARNING"
     width="25" height="25">
<img src="http://kubernetes.io/kubernetes/img/warning.png" alt="WARNING"
     width="25" height="25">
<img src="http://kubernetes.io/kubernetes/img/warning.png" alt="WARNING"
     width="25" height="25">

<h2>PLEASE NOTE: This document applies to the HEAD of the source tree</h2>

If you are using a released version of Kubernetes, you should
refer to the docs that go with that version.

<!-- TAG RELEASE_LINK, added by the munger automatically -->
<strong>
The latest release of this document can be found
[here](http://releases.k8s.io/release-1.3/docs/reporting-security-issues.md).

Documentation for other releases can be found at
[releases.k8s.io](http://releases.k8s.io).
</strong>
--

<!-- END STRIP_FOR_RELEASE -->

<!-- END MUNGE: UNVERSIONED_WARNING -->

# Security

If you believe you have discovered a vulnerability or have a security incident to report, please follow the steps below. This applies to Kubernetes releases v1.0 or later.

To watch for security and major API announcements, please join our [kubernetes-announce](https://groups.google.com/forum/#!forum/kubernetes-announce) group.

## Reporting a security issue

To report an issue, please:
- Submit a bug report [here](http://goo.gl/vulnz).
  - Select “I want to report a technical security bug in a Google product (SQLi, XSS, etc.).”
  - Select “Other” as the Application Type.
- Under reproduction steps, please additionally include
  - the words "Kubernetes Security issue"
  - Description of the issue
  - Kubernetes release (e.g. output of `kubectl version` command, which includes server version.)
  - Environment setup (e.g.  which "Getting Started Guide" you followed, if any; what node operating system used; what service or software creates your virtual machines, if any)

An online submission will have the fastest response; however, if you prefer email, please send mail to security@google.com. If you feel the need, please use the [PGP public key](https://services.google.com/corporate/publickey.txt) to encrypt communications.


<!-- BEGIN MUNGE: GENERATED_ANALYTICS -->
[![Analytics](https://kubernetes-site.appspot.com/UA-36037335-10/GitHub/docs/reporting-security-issues.md?pixel)]()
<!-- END MUNGE: GENERATED_ANALYTICS -->
Vulnerability reporting doc. 2015-07-23 19:15:04 -04:00			`<!-- BEGIN MUNGE: UNVERSIONED_WARNING -->`

Revert "Versioning docs and examples for v1.4.0-alpha.0." This reverts commit cce9db3aa9555671c5ddf69549b46ed0fd7e472a. 2016-06-10 19:46:46 -04:00			`<!-- BEGIN STRIP_FOR_RELEASE -->`

Fix broken warning image link in docs 2016-07-15 05:44:58 -04:00			`<img src="http://kubernetes.io/kubernetes/img/warning.png" alt="WARNING"`
Revert "Versioning docs and examples for v1.4.0-alpha.0." This reverts commit cce9db3aa9555671c5ddf69549b46ed0fd7e472a. 2016-06-10 19:46:46 -04:00			`width="25" height="25">`
Fix broken warning image link in docs 2016-07-15 05:44:58 -04:00			`<img src="http://kubernetes.io/kubernetes/img/warning.png" alt="WARNING"`
Revert "Versioning docs and examples for v1.4.0-alpha.0." This reverts commit cce9db3aa9555671c5ddf69549b46ed0fd7e472a. 2016-06-10 19:46:46 -04:00			`width="25" height="25">`
Fix broken warning image link in docs 2016-07-15 05:44:58 -04:00			`<img src="http://kubernetes.io/kubernetes/img/warning.png" alt="WARNING"`
Revert "Versioning docs and examples for v1.4.0-alpha.0." This reverts commit cce9db3aa9555671c5ddf69549b46ed0fd7e472a. 2016-06-10 19:46:46 -04:00			`width="25" height="25">`
Fix broken warning image link in docs 2016-07-15 05:44:58 -04:00			`<img src="http://kubernetes.io/kubernetes/img/warning.png" alt="WARNING"`
Revert "Versioning docs and examples for v1.4.0-alpha.0." This reverts commit cce9db3aa9555671c5ddf69549b46ed0fd7e472a. 2016-06-10 19:46:46 -04:00			`width="25" height="25">`
Fix broken warning image link in docs 2016-07-15 05:44:58 -04:00			`<img src="http://kubernetes.io/kubernetes/img/warning.png" alt="WARNING"`
Revert "Versioning docs and examples for v1.4.0-alpha.0." This reverts commit cce9db3aa9555671c5ddf69549b46ed0fd7e472a. 2016-06-10 19:46:46 -04:00			`width="25" height="25">`

			`<h2>PLEASE NOTE: This document applies to the HEAD of the source tree</h2>`

			`If you are using a released version of Kubernetes, you should`
			`refer to the docs that go with that version.`

			`<!-- TAG RELEASE_LINK, added by the munger automatically -->`
			`<strong>`
			`The latest release of this document can be found`
Updated docs and examples for release-1.3. 2016-06-13 15:24:34 -04:00			`[here](http://releases.k8s.io/release-1.3/docs/reporting-security-issues.md).`
Revert "Versioning docs and examples for v1.4.0-alpha.0." This reverts commit cce9db3aa9555671c5ddf69549b46ed0fd7e472a. 2016-06-10 19:46:46 -04:00
			`Documentation for other releases can be found at`
			`[releases.k8s.io](http://releases.k8s.io).`
			`</strong>`
			`--`

			`<!-- END STRIP_FOR_RELEASE -->`
Vulnerability reporting doc. 2015-07-23 19:15:04 -04:00
			`<!-- END MUNGE: UNVERSIONED_WARNING -->`

			`# Security`

delete the redundant word "a" 2016-07-04 22:48:26 -04:00			`If you believe you have discovered a vulnerability or have a security incident to report, please follow the steps below. This applies to Kubernetes releases v1.0 or later.`
Vulnerability reporting doc. 2015-07-23 19:15:04 -04:00
Fix trailing whitespace in all docs 2015-07-24 17:52:18 -04:00			`To watch for security and major API announcements, please join our [kubernetes-announce](https://groups.google.com/forum/#!forum/kubernetes-announce) group.`
Vulnerability reporting doc. 2015-07-23 19:15:04 -04:00
			`## Reporting a security issue`

			`To report an issue, please:`
			`- Submit a bug report [here](http://goo.gl/vulnz).`
			`- Select “I want to report a technical security bug in a Google product (SQLi, XSS, etc.).”`
Fix trailing whitespace in all docs 2015-07-24 17:52:18 -04:00			`- Select “Other” as the Application Type.`
Vulnerability reporting doc. 2015-07-23 19:15:04 -04:00			`- Under reproduction steps, please additionally include`
			`- the words "Kubernetes Security issue"`
			`- Description of the issue`
			- Kubernetes release (e.g. output of `kubectl version` command, which includes server version.)
Fix trailing whitespace in all docs 2015-07-24 17:52:18 -04:00			`- Environment setup (e.g. which "Getting Started Guide" you followed, if any; what node operating system used; what service or software creates your virtual machines, if any)`
Vulnerability reporting doc. 2015-07-23 19:15:04 -04:00
			`An online submission will have the fastest response; however, if you prefer email, please send mail to security@google.com. If you feel the need, please use the [PGP public key](https://services.google.com/corporate/publickey.txt) to encrypt communications.`


			`<!-- BEGIN MUNGE: GENERATED_ANALYTICS -->`
			`[![Analytics](https://kubernetes-site.appspot.com/UA-36037335-10/GitHub/docs/reporting-security-issues.md?pixel)]()`
			`<!-- END MUNGE: GENERATED_ANALYTICS -->`