Skip to content

Commit 67e43da

Browse files
rpwagnerrpwagner
committed
initial security page
1 parent b954bd1 commit 67e43da

File tree

3 files changed

+34
-7
lines changed

3 files changed

+34
-7
lines changed

_data/nav.yml

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -15,3 +15,5 @@ head:
1515
- title: Blog
1616
url: https://blog.jupyter.org
1717
newpage: true
18+
- title: Security
19+
url: /security

community.md

Lines changed: 0 additions & 7 deletions
Original file line numberDiff line numberDiff line change
@@ -57,11 +57,4 @@ a way that makes the community thrive.
5757
Below is a short list of gitter channels, email listservs, and github repositories
5858
where you can get involved. **We always welcome participation in the Jupyter community**.
5959

60-
## Report vulnerabilities
61-
62-
If you believe you've found a security vulnerability in a Jupyter project,
63-
please report it to [security@ipython.org](mailto:security@ipython.org).
64-
If you prefer to encrypt your security reports,
65-
you can use [this PGP public key](assets/ipython_security.asc).
66-
6760
{% include community_lists.html %}

security.md

Lines changed: 32 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,32 @@
1+
---
2+
layout: page_md
3+
title: Security
4+
tagline: Project Jupyter is committed to reducing the risk of using, deploying, operating, or developing Jupyter software.
5+
permalink: /security
6+
---
7+
8+
## Report vulnerabilities
9+
10+
If you believe you've found a security vulnerability in a Jupyter project,
11+
please report it to [security@ipython.org](mailto:security@ipython.org).
12+
If you prefer to encrypt your security reports,
13+
you can use [this PGP public key](assets/ipython_security.asc).
14+
15+
## Vulnerability information
16+
17+
Known vulnerabilities are tracked using the [CVE vendor ID 15653 for Jupyter](https://www.cvedetails.com/vulnerability-list/vendor_id-15653/Jupyter.html).
18+
19+
## Security documentation
20+
21+
Several Jupyter projects maintain security-related documentation regarding usage or deployment of
22+
Jupyter software.
23+
24+
- [jupyter-server](https://jupyter-server.readthedocs.io/en/latest/operators/security.html)
25+
- [jupyterhub](https://jupyterhub.readthedocs.io/en/stable/reference/websecurity.html)
26+
27+
## Jupyter Security Subproject
28+
29+
The Jupyter Security Subproject is working to identify and coordinate
30+
the security efforts throughout the Jupyter community. The
31+
[Jupyter Security](https://github.com/jupyter/security) GitHub repo
32+
has information how to participate and contribute.

0 commit comments

Comments
 (0)