We understand that users place trust in the software and services that Kinvolk makes and distributes. This is critical infrastructure for communities and companies. This is a responsibility that we take seriously and is our top priority.
For issues under an embargo, Kinvolk does not issue a disclosure until an investigation is complete and the agreed date has been reached.
Reporting found issues or concerns in kinvolk software or services, please email [email protected] .
When reporting an issue, please include:
- versions of tools and components involved
- reproducer or proof-of-concept
- relevant output
Flatcar Container Linux
Flatcar Container Linux images are available for download, signed by the GPG key described in flatcar-linux.org/security .
Flatcar Container Linux public update key is available in its repository .
On a Flatcar server, this key is available on the read only
/usr partition at:
Releases of Lokomotive are signed by keys prescribed in its keys document .