[openssl-commits] [web] master update

Mark J. Cox mark at openssl.org
Wed Apr 25 09:44:24 UTC 2018

The branch master has been updated
       via  0a533713bb32d0e21b2a44d0ebdf666988db4ee6 (commit)
      from  9ff40f37a3cdab765451353163477290698248c2 (commit)

- Log -----------------------------------------------------------------
commit 0a533713bb32d0e21b2a44d0ebdf666988db4ee6
Author: Mark J. Cox <mark at awe.com>
Date:   Wed Apr 25 10:43:04 2018 +0100

    Note the questions we get asked frequently about bug bounties and
    lack of a SPF record.  We could add more here for the other frequently
    reported issues (like an open ftp server, open directory listings etc)


Summary of changes:
 community/index.html | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/community/index.html b/community/index.html
index c2bce5c..06e5861 100644
--- a/community/index.html
+++ b/community/index.html
@@ -59,6 +59,14 @@
             <a href="/policies/secpolicy.html">Security Policy</a>.</p>
+            Please note that we do not run a Bug Bounty program, although third parties
+            may reward confirmed security issues reported in the OpenSSL codebase.  We
+            do not consider
+            the <a href="https://github.com/openssl/openssl/issues/6077">lack
+            of SPF records for openssl.org</a> a security issue.
+            </p>
+            <p>
             All fixed security bugs are listed on our <a href="/news/vulnerabilities.html">vulnerabilities page</a>

More information about the openssl-commits mailing list