mirror of
git://git.yoctoproject.org/yocto-autobuilder2.git
synced 2025-07-04 20:54:48 +02:00
a7f3c6f0db
Add a SECURITY.md file with hints for security researchers and other parties who might report potential security vulnerabilities. Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
14 lines
660 B
Markdown
14 lines
660 B
Markdown
How to Report a Potential Vulnerability?
|
|
========================================
|
|
|
|
If you would like to report a public issue (for example, one with a released
|
|
CVE number), please report it using the
|
|
[https://bugzilla.yoctoproject.org/enter_bug.cgi?product=Security Security Bugzilla].
|
|
If you have a patch ready, submit it following the same procedure as any other
|
|
patch as described in README.md.
|
|
|
|
If you are dealing with a not-yet released or urgent issue, please send a
|
|
message to security AT yoctoproject DOT org, including as many details as
|
|
possible: the layer or software module affected, the recipe and its version,
|
|
and any example code, if available.
|