...
- Vulnerability Reporting
- SOS performs ongoing monitoring of vulnerabilities including 3rd-party components based on the JS7 - Software Bill of Materials.
- Public Ticket System for users of the Open Source License
- Private Ticket System for customers of the Commercial License
- Private e-mail
- Vulnerability Verification
- MitreCVE: https://cve.org
- NIST: https://nvd.nist.gov/vuln
- Change Proposals
- Public Change Management System
- Changes
- Communication
- Public Ticket System for users of the Open Source License
- RSS Feeds
...
- With fixes being available the following applies:
- Downloads
- Maintenance releases are published for download with the SOS web site and with SourceForge.
- Users should be aware that 3rd party web sites that mirror downloads of SOS software products might or might not indicate availability of maintenance releases. SOS denies any liability for accurate and timely downloads of maintenance releases available from 3rd party web sites.
- CVE Reports
- With downloads being available SOS asks mitrecve.org to make the CVE report publicly available.
- Notification
- Notifications are made available with the News section of the SOS web site.
- Notifications are provided by RSS Feeds.
- Customers who subscribe to notifications within their support option receive a notification by e-mail.
- The Product Knowledge Base is added the information with the list of Vulnerabilities.
- Downloads
- Fixes provided for any branches under maintenance are communicated at the same point in time.
...