github/confidential-containers
1
0
Fork 0
mirror of https://github.com/confidential-containers/confidential-containers.git synced 2025-04-28 03:21:03 +00:00
Code Issues Packages Projects Releases Wiki Activity

Release Notes: Add security limitations

Browse Source 
Signed-off-by: Dan Middleton <dan.middleton@intel.com>
This commit is contained in:
Dan Middleton 2022-09-23 16:55:16 -05:00 committed by Samuel Ortiz
parent 35b303498d
commit 06a76e63bc
1 changed files with 9 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
releases/v0.1.0.md
View File

@ -54,3 +54,12 @@ The following are known limitations of this release:
* Container image sharing is not possible in this release
* Container images are downloaded by the guest (with encryption), not by the host
* As a result, the same image will be downloaded separately by every pod using it, not shared between pods on the same host.
- The CoCo community aspires to adopting open source security best practices, but not all practices are adopted yet.
* We track our status with the OpenSSF Best Practices Badge, which was at 43% at the time of this release.
* The main gaps are in test coverage, both general and security tests.
* Vulnerability reporting mechanisms also need to be created. Public github issues are still appropriate for this release until private reporting is established.
## CVE Fixes
None - This is our first release.