[openssl-commits] [web] master update

Mark J. Cox mark at openssl.org
Wed Apr 25 09:07:19 UTC 2018


The branch master has been updated
       via  56be59c9b561ac2d3183723c35fbc3d530c5bbca (commit)
      from  5f9833f853d1fd6eb25d485b309ae540b09cf796 (commit)


- Log -----------------------------------------------------------------
commit 56be59c9b561ac2d3183723c35fbc3d530c5bbca
Author: Mark J. Cox <mark at awe.com>
Date:   Wed Apr 25 10:06:48 2018 +0100

    Move the details of reporting security issues here, that way we can
    remove the duplication from each vulnerability page and we can add
    more details about reports we will reject

-----------------------------------------------------------------------

Summary of changes:
 community/index.html | 22 ++++++++++++++++++----
 1 file changed, 18 insertions(+), 4 deletions(-)

diff --git a/community/index.html b/community/index.html
index 45c0210..c2bce5c 100644
--- a/community/index.html
+++ b/community/index.html
@@ -44,11 +44,25 @@
             several groups for help with the project infrastructure over time.
 	    </p>
 
-            <h3><a href="#bugs">Reporting Bugs</a></h3>
+            <h3><a href="#securityreports">Reporting Security Bugs</a></h3>
+
+            <p>If you think you have found a security bug in OpenSSL,
+            please send mail to <a
+              href="mailto:openssl-security at openssl.org">openssl-security at openssl.org</a>.
+            Encryption is not required, but if you want to encrypt the mail, you can use our
+            team's <a href="pgpkey.html">PGP Key</a>.  Or you can
+            send mail to one or more individual <a
+              href="/community/omc.html">OMC Members</a>,
+            encrypted or plaintext.
+            We will work with you to assess and fix the flaw,
+            as discussed in our
+            <a href="/policies/secpolicy.html">Security Policy</a>.</p>
+
+            <p>
+            All fixed security bugs are listed on our <a href="/news/vulnerabilities.html">vulnerabilities page</a>
+            </p>
 
-	    <p>If you think have found a security bug, please see our
-	    <a href="/news/vulnerabilities.html">vulnerabilities page</a>
-	    for information on how to report it.</p>
+            <h3><a href="#bugs">Reporting Bugs</a></h3>
 
 	    <p>To report a bug or make an enhancement request, please open
             an issue on GitHub, by clicking "new issue" on this page:


More information about the openssl-commits mailing list