Updates inc legal

Signed-off-by: Dj Walker-Morgan <[email protected]>
EnterpriseDB · Aug 14, 2023 · 571eaa9 · 571eaa9
1 parent 7c128c3
commit 571eaa9
Show file tree

Hide file tree

Showing 4 changed files with 16 additions and 30 deletions.
diff --git a/advocacy_docs/security/advisories/cve20074639.mdx b/advocacy_docs/security/advisories/cve20074639.mdx
@@ -13,14 +13,10 @@ EDB Postgres Advanced Server 8.2 (EPAS) does not properly handle certain debuggi
 
 ## Vulnerability details
 
-CVE-ID:  [CVE-2007-4639](https://nvd.nist.gov/vuln/detail/CVE-2007-4639)
-
-CVSS Base Score: Undefined
-
-CVSS Temporal Score: Undefined
-
-CVSS Environmental Score: Undefined
-
+CVE-ID:  [CVE-2007-4639](https://nvd.nist.gov/vuln/detail/CVE-2007-4639)  
+CVSS Base Score: Undefined  
+CVSS Temporal Score: Undefined  
+CVSS Environmental Score: Undefined  
 CVSS Vector: Undefined
 
 ## Affected products and versions
@@ -58,4 +54,4 @@ Source: MITRE
 
 ## Disclaimer
 
-Legal can put any disclaimer they would like here
+This document is provided on an "as is" basis and does not imply any kind of guarantee or warranty, including the warranties of merchantability or fitness for a particular use. Your use of the information on the document is at your own risk. EDB reserves the right to change or update this document at any time. Customers are therefore recommended to always view the latest version of this document.
diff --git a/advocacy_docs/security/advisories/cve201910128.mdx b/advocacy_docs/security/advisories/cve201910128.mdx
@@ -13,14 +13,10 @@ A vulnerability was found in PostgreSQL versions 11.x prior to 11.3. The Windows
 
 ## Vulnerability details
 
-CVE-ID:   [CVE-2019-10128](https://nvd.nist.gov/vuln/detail/CVE-2019-10128)
-
-CVSS Base Score: 7.8
-
-CVSS Temporal Score: Undefined
-
-CVSS Environmental Score: Undefined
-
+CVE-ID:   [CVE-2019-10128](https://nvd.nist.gov/vuln/detail/CVE-2019-10128)  
+CVSS Base Score: 7.8  
+CVSS Temporal Score: Undefined  
+CVSS Environmental Score: Undefined  
 CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
 
 ## Affected products and versions
@@ -67,4 +63,4 @@ Source: Red Hat Inc
 
 ## Disclaimer
 
-Legal can put any disclaimer they would like here
+This document is provided on an "as is" basis and does not imply any kind of guarantee or warranty, including the warranties of merchantability or fitness for a particular use. Your use of the information on the document is at your own risk. EDB reserves the right to change or update this document at any time. Customers are therefore recommended to always view the latest version of this document.
diff --git a/advocacy_docs/security/advisories/cve202331043.mdx b/advocacy_docs/security/advisories/cve202331043.mdx
@@ -13,14 +13,10 @@ EDB Postgres Advanced Server (EPAS) versions before 14.6.0 log unredacted passwo
 
 ## Vulnerability details
 
-CVE-ID:  [CVE-2023-31043](https://nvd.nist.gov/vuln/detail/CVE-2023-31043)
-
-CVSS Base Score: 7.5
-
-CVSS Temporal Score: Undefined
-
-CVSS Environmental Score: Undefined
-
+CVE-ID:  [CVE-2023-31043](https://nvd.nist.gov/vuln/detail/CVE-2023-31043)  
+CVSS Base Score: 7.5  
+CVSS Temporal Score: Undefined  
+CVSS Environmental Score: Undefined  
 CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
 
 ## Affected products and versions
@@ -69,4 +65,4 @@ Source: Mitre
 
 ## Disclaimer
 
-Legal can put any disclaimer they would like here
+This document is provided on an "as is" basis and does not imply any kind of guarantee or warranty, including the warranties of merchantability or fitness for a particular use. Your use of the information on the document is at your own risk. EDB reserves the right to change or update this document at any time. Customers are therefore recommended to always view the latest version of this document.
diff --git a/advocacy_docs/security/index.mdx b/advocacy_docs/security/index.mdx
@@ -11,9 +11,7 @@ navigation:
   - advisories
 ---
 
-We are committed to a security first approach to everything we do at [EnterpriseDB](https://www.enterprisedb.com/). Here are the current policies and advisories.
-
-This policy outlines how EnterpriseDB handles disclosures related to suspected vulnerabilities within our products, systems, or services. It also provides guidance for those who wish to perform security research, or may have discovered a potential security vulnerability impacting EDB.
+EDB is committed to a security first approach, from the products we build and the platforms we operate, to the services we provide our customers. Transparency is a core principle for the program and part of this effort includes welcoming incoming reports so that we can address concerns surfaced by our customers or security researchers. You’ll also find it in our advisories, which detail issues found and the required fixes or mitigations needed to keep your data and databases safe.
 
 ## Policies