From: Jan Kiszka <[email protected]> This add reporting vulnerabilities via the new github channel. The email channel is kept as an alternative.
Signed-off-by: Jan Kiszka <[email protected]> --- SECURITY.md | 17 +++++++++-------- 1 file changed, 9 insertions(+), 8 deletions(-) diff --git a/SECURITY.md b/SECURITY.md index 7435af6..e5e416a 100644 --- a/SECURITY.md +++ b/SECURITY.md @@ -22,11 +22,12 @@ Guard code. ## Reporting a Vulnerability Please DO NOT report any potential security vulnerability via a public channel -(mailing list, github issue etc.). Instead, contact the maintainers [email protected] and [email protected] via email directly. -Please provide a detailed description of the issue, the steps to reproduce it, -the affected versions and, if already available, a proposal for a fix. You -should receive a response withing 5 working days. If the issue is confirmed as -a vulnerability by us, we will open a Security Advisory on github and give -credits for your report if desired. This project follows a 90 day disclosure -timeline. +(mailing list, github issue etc.). Instead, create a report via +https://github.com/siemens/efibootguard/security/advisories/new or contact the +maintainers [email protected] and [email protected] via email +directly. Please provide a detailed description of the issue, the steps to +reproduce it, the affected versions and, if already available, a proposal for a +fix. You should receive a response within 5 working days. If the issue is +confirmed as a vulnerability by us, we will open a Security Advisory on github +and give credits for your report if desired. This project follows a 90 day +disclosure timeline. -- 2.35.3 -- You received this message because you are subscribed to the Google Groups "EFI Boot Guard" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/efibootguard-dev/10f4c015-f50c-25a6-330a-21afb1ac323b%40siemens.com.
