mirror of
https://github.com/serghey-rodin/vesta.git
synced 2025-08-21 22:04:00 -07:00
Update security contribution policy
This commit is contained in:
Rafael G. Martins
parent
f14a7bd21c
commit
77ea627a05
1 changed files with 7 additions and 3 deletions
10
SECURITY.md
10
SECURITY.md
|
|
@ -1,5 +1,9 @@
|
|||
# Security Policy
|
||||
# Reporting Security Vulnerabilities
|
||||
|
||||
## Reporting a Vulnerability
|
||||
**If you believe you have discovered a security issue with VestaCP, please open a new private security vulnerability report through https://github.com/outroll/vesta/security/advisories/new.
|
||||
|
||||
Please report security issues to dev@vestacp.com
|
||||
You can also report security vulnerabilities to [security@vestacp.com](mailto:security@vestacp.com), and we will create a new security advisory for tracking the fix on your behalf.
|
||||
|
||||
We value the effort and contribution of independent security researchers and will credit security researchers in the release notes of the fix, on the following conditions:
|
||||
- Vulnerabilities are not published publicly prior to the VestaCP releasing a fix; and
|
||||
- Researchers provide at least 90 days to address the issue before disclosing it publicly.
|
||||
Loading…
Add table
Add a link
Reference in a new issue