You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: SECURITY.md
+4-13Lines changed: 4 additions & 13 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -2,19 +2,10 @@
2
2
3
3
## Reporting a Security Bug
4
4
5
-
If you think you have discovered a security issue in any of the Hyperledger projects, we'd love to
6
-
hear from you. We will take all security bugs seriously and if confirmed upon investigation we will
7
-
patch it within a reasonable amount of time and release a public security bulletin discussing the
8
-
impact and credit the discoverer.
5
+
If you think you have discovered a security issue in any of the Hyperledger projects, we'd love to hear from you. We will take all security bugs seriously and if confirmed upon investigation we will patch it within a reasonable amount of time and release a public security bulletin discussing the impact and credit the discoverer.
9
6
10
-
There are two ways to report a security bug. The easiest is to email a description of the flaw and
11
-
any related information (e.g. reproduction steps, version) to
12
-
[security at hyperledger dot org](mailto:security@hyperledger.org).
7
+
There are two ways to report a security bug. The easiest is to email a description of the flaw and any related information (e.g. reproduction steps, version) to [security at hyperledger dot org](mailto:security@hyperledger.org).
13
8
14
-
The other way is to file a confidential security bug in our
15
-
[JIRA bug tracking system](https://jira.hyperledger.org). Be sure to set the “Security Level” to
16
-
“Security issue”.
9
+
The other way is to file a confidential security bug in the repository's [security advisories page](https://github.com/hyperledger/firefly-tezosconnect/security/advisories). Guidance can be found in the GitHub documentation on [privately reporting a security vulnerability](https://docs.github.com/en/code-security/security-advisories/guidance-on-reporting-and-writing/privately-reporting-a-security-vulnerability).
17
10
18
-
The process by which the Hyperledger Security Team handles security bugs is documented further in
19
-
our [Defect Response page](https://wiki.hyperledger.org/display/SEC/Defect+Response) on our
20
-
[wiki](https://wiki.hyperledger.org).
11
+
The process by which the Hyperledger Security Team handles security bugs is documented further in our [Defect Response page](https://lf-hyperledger.atlassian.net/wiki/spaces/SEC/pages/20283618/Defect+Response) on our [wiki](https://lf-hyperledger.atlassian.net/wiki).
0 commit comments