diff --git a/security/cve-report_en.md b/security/cve-report_en.md index fc3ec40..3ebd3b9 100644 --- a/security/cve-report_en.md +++ b/security/cve-report_en.md @@ -55,17 +55,3 @@ The VMT consists of vulnerability management experts in the community. The team ## MindSpore Security Advisory (SA) None - -## MindSpore Security Note (SN) - -+ Some vulnerabilities of third-party open-source components need to be fixed by users. - + Python 3.7.5 has the following vulnerabilities: - + [CVE-2019-18348](https://nvd.nist.gov/vuln/detail/CVE-2019-18348) - + [CVE-2020-8315](https://nvd.nist.gov/vuln/detail/CVE-2020-8315) - + [CVE-2020-8492](https://nvd.nist.gov/vuln/detail/CVE-2020-8492) - + Pillow 6.2.0 has the following vulnerabilities: - + [CVE-2019-19911](https://nvd.nist.gov/vuln/detail/CVE-2019-19911) - + [CVE-2020-5310](https://nvd.nist.gov/vuln/detail/CVE-2020-5310) - + [CVE-2020-5311](https://nvd.nist.gov/vuln/detail/CVE-2020-5311) - + [CVE-2020-5312](https://nvd.nist.gov/vuln/detail/CVE-2020-5312) - + [CVE-2020-5313](https://nvd.nist.gov/vuln/detail/CVE-2020-5313) diff --git a/security/cve-report_zh_cn.md b/security/cve-report_zh_cn.md index 96d5aab..863fa01 100644 --- a/security/cve-report_zh_cn.md +++ b/security/cve-report_zh_cn.md @@ -55,17 +55,3 @@ MindSpore作为一个同时支持端/边缘/云场景的训练推理框架,在 ## MindSpore安全公告(SA) 无 - -## MindSpore安全说明(SN) - -+ 第三方的开源组件部分漏洞需要用户自行修复: - + Python 3.7.5存在如下漏洞: - + [CVE-2019-18348](https://nvd.nist.gov/vuln/detail/CVE-2019-18348) - + [CVE-2020-8315](https://nvd.nist.gov/vuln/detail/CVE-2020-8315) - + [CVE-2020-8492](https://nvd.nist.gov/vuln/detail/CVE-2020-8492) - + Pillow 6.2.0 存在如下漏洞: - + [CVE-2019-19911](https://nvd.nist.gov/vuln/detail/CVE-2019-19911) - + [CVE-2020-5310](https://nvd.nist.gov/vuln/detail/CVE-2020-5310) - + [CVE-2020-5311](https://nvd.nist.gov/vuln/detail/CVE-2020-5311) - + [CVE-2020-5312](https://nvd.nist.gov/vuln/detail/CVE-2020-5312) - + [CVE-2020-5313](https://nvd.nist.gov/vuln/detail/CVE-2020-5313) diff --git a/security/template/SA_Template.md b/security/template/SA_Template.md new file mode 100644 index 0000000..8378c6e --- /dev/null +++ b/security/template/SA_Template.md @@ -0,0 +1,26 @@ +# MSSA-2020:0123 - Security Advisory + +#### 发布日期 +2020-xx-xx + +#### 更新日期 +2020-xx-xx + +### 标题 +xxx组件的更新:xx漏洞更新 + +### 描述 +组件xxx中存在一个xxx漏洞,xxx + +### 受影响的产品 +- MindSpore x.y.z版本 +- MindSpore x.y.z版本 + +### 补丁 +- [xxx漏洞补丁](https://xxx) + +### CVE +- [CVE-20xx-xxxx](https://xxxx) + +### 参考信息 +- [issue link](https://xxxxx) \ No newline at end of file diff --git a/security/template/SA_Template_en.md b/security/template/SA_Template_en.md new file mode 100644 index 0000000..ef659eb --- /dev/null +++ b/security/template/SA_Template_en.md @@ -0,0 +1,28 @@ +# MSSA-2020:0123 - Security Advisory + +#### Release Date +2020-xx-xx + +#### Updata Data +2020-xx-xx + +### title +xxx + +### Description +xxx + +### Versions affected +- < MindSpore x.y.z + +### Reported by +-xx + +### Patch +- [Patch link](https://xxx) + +### CVE +- [CVE-20xx-xxxx](https://xxxx) + +### Additional Information +- [Issue link](https://xxxxx) \ No newline at end of file