Kubernetes Security Release Process and Security Committee documentation.
The Product Security Committee (PSC) is responsible for triaging and handling the security issues for Kubernetes. Following are the current Product Security Committee members:
- CJ Cullen (@cjcullen)
<cjcullen@google.com>
- Joel Smith (@joelsmith)
<joelsmith@redhat.com>
[4096R/0x1688ADC79BECDDAF] - Luke Hinds (@lukehinds)
lhinds@redhat.com
- Micah Hausler (@micahhausler)
<mhausler@amazon.com>
- Swamy Shivaganga Nagaraju (@swamymsft)
<gaswamy@microsoft.com>
- Tabitha Sable (@tabbysable)
<tabitha.c.sable@gmail.com>
- Tim Allclair (@tallclair)
<timallclair@gmail.com>
Associate members include:
- Mo Khan (@enj)
<mok@vmware.com>
- Sam Fowler (@sfowl)
<sfowler@redhat.com>
- Taahir Ahmed (@ahmedtd)
<taahm@google.com>
Emeritus members:
- Brandon Philips (@philips)
<bphilips@redhat.com>
- Jess Frazelle (@jessfraz)
<jess@linux.com>
- Jonathan Pulsifer (@jonpulsifer)
<jonathan.pulsifer@shopify.com>
- Jordan Liggitt (@liggitt)
<jordan@liggitt.net>
[4096R/0x39928704103C7229] - Craig Ingram (@cji)
<cji@stripe.com>
There are a number of contact points for the PSC and release managers in charge of security releases. Please use the correct forum for the best and fastest response.
List or Group | Visibility | Uses |
---|---|---|
security@kubernetes.io | Private | Kubernetes security disclosures. This list is closely monitored and triaged by the PSC. See the disclosure guide for full details. |
kubernetes-security-discuss Google Group | Public | Discussion about security disclosure handling, this document, and other updates. |
release-managers-private@kubernetes.io | Private | Release Managers private discussion. All members are subscribed to security@kubernetes.io. |
security-discuss-private@kubernetes.io | Private | PSC private discussion. All members are subscribed to security@kubernetes.io |
Learn how to engage with the Kubernetes community on the community page.
Participation in the Kubernetes community is governed by the Kubernetes Code of Conduct.