[openssl-commits] [web] master update
Mark J. Cox
mark at openssl.org
Wed Apr 25 09:44:24 UTC 2018
The branch master has been updated
via 0a533713bb32d0e21b2a44d0ebdf666988db4ee6 (commit)
from 9ff40f37a3cdab765451353163477290698248c2 (commit)
- Log -----------------------------------------------------------------
commit 0a533713bb32d0e21b2a44d0ebdf666988db4ee6
Author: Mark J. Cox <mark at awe.com>
Date: Wed Apr 25 10:43:04 2018 +0100
Note the questions we get asked frequently about bug bounties and
lack of a SPF record. We could add more here for the other frequently
reported issues (like an open ftp server, open directory listings etc)
-----------------------------------------------------------------------
Summary of changes:
community/index.html | 8 ++++++++
1 file changed, 8 insertions(+)
diff --git a/community/index.html b/community/index.html
index c2bce5c..06e5861 100644
--- a/community/index.html
+++ b/community/index.html
@@ -59,6 +59,14 @@
<a href="/policies/secpolicy.html">Security Policy</a>.</p>
<p>
+ Please note that we do not run a Bug Bounty program, although third parties
+ may reward confirmed security issues reported in the OpenSSL codebase. We
+ do not consider
+ the <a href="https://github.com/openssl/openssl/issues/6077">lack
+ of SPF records for openssl.org</a> a security issue.
+ </p>
+
+ <p>
All fixed security bugs are listed on our <a href="/news/vulnerabilities.html">vulnerabilities page</a>
</p>
More information about the openssl-commits
mailing list