Vulnerability Fixing Policies

Vulnerability Fixing Time

High-risk vulnerabilities
Distributed Message Service (DMS) for Kafka fixes vulnerabilities within one month after the Kafka community detects them and releases fixing solutions. The fixing policies are the same as those of the community.

An emergent OS vulnerability will be released in line with the related policies and process. A fix will be provided in about one month. You can fix the vulnerability on your own.
Other vulnerabilities
Upgrade versions to fix other vulnerabilities.

Fixing Statement

To prevent customers from being exposed to unexpected risks, DMS for Kafka does not provide other information about the vulnerability except the vulnerability background, details, technical analysis, affected functions/versions/scenarios, solutions, and reference information.

In addition, DMS for Kafka provides the same information for all customers to protect all customers equally. DMS for Kafka will not notify individual customers in advance.

DMS for Kafka does not develop or release intrusive code (or code for verification) to exploit vulnerabilities.

Parent topic: Vulnerability Notices

Previous topic: Vulnerability Notices

Feedback

Was this page helpful?

Helpful Not helpful

Provide feedback

Thank you very much for your feedback. We will continue working to improve the documentation.

The system is busy. Please try again later.

Which of the following issues have you encountered?

Content is inconsistent with the product UI

Unclear descriptions

Lack of examples or code

Incorrect steps

Can't find what I need

Lack of best practices

Feedback (optional)

0/500

Select at least one type of issue, and enter your comments or suggestions.

Enter a maximum of 500 characters.

Submit Cancel