rust/rustls
rust
/
rustls
mirror of https://github.com/ctz/rustls
1
0
Fork 0
Code Issues Releases Wiki Activity

SECURITY.md: use github vuln reporting tool 

We have a mailing list for this. But, the first time that was used for real, it didn't go very well:

- the report and a follow-up went into spam. A private google group delivering to gmail -- you'd think this would work well, but  it did not.
- there was only me in the group.

Github now has a "private vulnerability reporting" feature that should be better for getting reports to the right people quickly. Let's try that?
This commit is contained in:
ctz 2023-08-22 17:57:08 +01:00
parent f65b11658e
commit 6e9a61f055
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
SECURITY.md
View File

@ -15,7 +15,7 @@ Therefore 0.20.x and 0.21.x will be updated, while 0.19.x will not be.
## Reporting a Vulnerability
Please report security bugs by email to rustls-security@googlegroups.com.
Please report security bugs [via github](https://github.com/rustls/rustls/security/advisories/new).
We'll then:
- Prepare a fix and regression tests.