Skip to content

Commit 244e420

Browse files
denisandreenkodenisandreenko
authored
Merge pull request #72 from hyperledger/update_security_md
Update outdated SECURITY.md
2 parents f281fd2 + 670be3d commit 244e420

File tree

1 file changed

+4
-13
lines changed

1 file changed

+4
-13
lines changed

SECURITY.md

Lines changed: 4 additions & 13 deletions
Original file line numberDiff line numberDiff line change
@@ -2,19 +2,10 @@
22

33
## Reporting a Security Bug
44

5-
If you think you have discovered a security issue in any of the Hyperledger projects, we'd love to
6-
hear from you. We will take all security bugs seriously and if confirmed upon investigation we will
7-
patch it within a reasonable amount of time and release a public security bulletin discussing the
8-
impact and credit the discoverer.
5+
If you think you have discovered a security issue in any of the Hyperledger projects, we'd love to hear from you. We will take all security bugs seriously and if confirmed upon investigation we will patch it within a reasonable amount of time and release a public security bulletin discussing the impact and credit the discoverer.
96

10-
There are two ways to report a security bug. The easiest is to email a description of the flaw and
11-
any related information (e.g. reproduction steps, version) to
12-
[security at hyperledger dot org](mailto:[email protected]).
7+
There are two ways to report a security bug. The easiest is to email a description of the flaw and any related information (e.g. reproduction steps, version) to [security at hyperledger dot org](mailto:[email protected]).
138

14-
The other way is to file a confidential security bug in our
15-
[JIRA bug tracking system](https://jira.hyperledger.org). Be sure to set the “Security Level” to
16-
“Security issue”.
9+
The other way is to file a confidential security bug in the repository's [security advisories page](https://github.com/hyperledger/firefly-tezosconnect/security/advisories). Guidance can be found in the GitHub documentation on [privately reporting a security vulnerability](https://docs.github.com/en/code-security/security-advisories/guidance-on-reporting-and-writing/privately-reporting-a-security-vulnerability).
1710

18-
The process by which the Hyperledger Security Team handles security bugs is documented further in
19-
our [Defect Response page](https://wiki.hyperledger.org/display/SEC/Defect+Response) on our
20-
[wiki](https://wiki.hyperledger.org).
11+
The process by which the Hyperledger Security Team handles security bugs is documented further in our [Defect Response page](https://lf-hyperledger.atlassian.net/wiki/spaces/SEC/pages/20283618/Defect+Response) on our [wiki](https://lf-hyperledger.atlassian.net/wiki).

0 commit comments

Comments
 (0)