From 57f9895f38ab99ea074de328f6ec86b16f44c708 Mon Sep 17 00:00:00 2001 From: Austin Parker Date: Mon, 22 Jul 2024 15:08:30 -0400 Subject: [PATCH 1/2] Update security-audit-results.md --- content/en/blog/2024/security-audit-results.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/content/en/blog/2024/security-audit-results.md b/content/en/blog/2024/security-audit-results.md index d5fa4bd91998..db1b2aa79f17 100644 --- a/content/en/blog/2024/security-audit-results.md +++ b/content/en/blog/2024/security-audit-results.md @@ -17,10 +17,10 @@ upon a security audit of the OpenTelemetry Collector and four SDKs – Go, Java, C#, and Python. We are pleased to announce the publication of this audit, as well as its -results. Two CVEs were identified and remediated prior to the publication of +results. One CVE was identified and remediated prior to the publication of this audit (see [CVE-2024-36129](https://nvd.nist.gov/vuln/detail/CVE-2024-36129) for -information on both) in the OpenTelemetry Collector, and five hardening +information) in the OpenTelemetry Collector, and five hardening recommendations were made. Overall, the results of the audit are very positive, with the auditors noting the high quality of source code and the security best practices that the project is following. From 3ac820d299f9a2951962d5f93a77feccef1d6061 Mon Sep 17 00:00:00 2001 From: opentelemetrybot <107717825+opentelemetrybot@users.noreply.github.com> Date: Mon, 22 Jul 2024 19:16:40 +0000 Subject: [PATCH 2/2] Results from /fix:all --- content/en/blog/2024/security-audit-results.md | 13 ++++++------- 1 file changed, 6 insertions(+), 7 deletions(-) diff --git a/content/en/blog/2024/security-audit-results.md b/content/en/blog/2024/security-audit-results.md index db1b2aa79f17..92710035f1af 100644 --- a/content/en/blog/2024/security-audit-results.md +++ b/content/en/blog/2024/security-audit-results.md @@ -17,13 +17,12 @@ upon a security audit of the OpenTelemetry Collector and four SDKs – Go, Java, C#, and Python. We are pleased to announce the publication of this audit, as well as its -results. One CVE was identified and remediated prior to the publication of -this audit (see -[CVE-2024-36129](https://nvd.nist.gov/vuln/detail/CVE-2024-36129) for -information) in the OpenTelemetry Collector, and five hardening -recommendations were made. Overall, the results of the audit are very positive, -with the auditors noting the high quality of source code and the security best -practices that the project is following. +results. One CVE was identified and remediated prior to the publication of this +audit (see [CVE-2024-36129](https://nvd.nist.gov/vuln/detail/CVE-2024-36129) for +information) in the OpenTelemetry Collector, and five hardening recommendations +were made. Overall, the results of the audit are very positive, with the +auditors noting the high quality of source code and the security best practices +that the project is following. The conclusion of this audit marks an important milestone on our journey towards the next stage of maturity in the CNCF, graduation. We’ll have more to share on