author: Florian Bruhin <me@the-compiler.org> 2022-12-13 14:24:32 +0100
committer: Florian Bruhin <me@the-compiler.org> 2022-12-13 14:24:32 +0100
commit: 9bf258c8f8fa2c255be92535a64fd356146d8482
tree: 90a4a3747a209cb1faee154775bf7041e38ecb24
parent: 5afc8a68191160f8d5c74b92874a0032d3c1996e
doc: Improve security reporting guidelines
See #7524
-rw-r--r-- .github/SECURITY.md 3
-rw-r--r-- README.asciidoc 10
-rw-r--r-- doc/qutebrowser.1.asciidoc 10
3 files changed, 19 insertions, 4 deletions
diff --git a/.github/SECURITY.md b/.github/SECURITY.md
index 7df41b38e..a523b9bdb 100644
--- a/.github/SECURITY.md
+++ b/.github/SECURITY.md
@@ -1 +1,4 @@
Please report security bugs to [security@qutebrowser.org](mailto:security@qutebrowser.org).
+(or if GPG encryption is desired, contact me@the-compiler.org with GPG ID [0x916EB0C8FD55A072](https://www.the-compiler.org/pubkey.asc)).
+
+Alternatively, [report a vulnerability](https://github.com/qutebrowser/qutebrowser/security/advisories/new) via GitHub's [private reporting feature](https://docs.github.com/en/code-security/security-advisories/guidance-on-reporting-and-writing/privately-reporting-a-security-vulnerability).
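Review bot: The unchanged first line still ends with a full stop after the mailto link, so the added parenthetical starts after the sentence has already closed and the rendered text reads "security@qutebrowser.org. (or if GPG encryption is desired, ...).". The README.asciidoc hunk drops the period before the opening parenthesis; doing the same here, with the only full stop after the closing parenthesis, would make the sentence read correctly and match the other two files.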
diff --git a/README.asciidoc b/README.asciidoc
index d68268316..d6ac29cfa 100644
--- a/README.asciidoc
+++ b/README.asciidoc
@@ -66,8 +66,14 @@ ways:
https://listi.jpberlin.de/mailman/listinfo/qutebrowser[mailinglist] at
mailto:qutebrowser@lists.qutebrowser.org[].
-For security bugs, please contact me directly at mail@qutebrowser.org, GPG ID
-https://www.the-compiler.org/pubkey.asc[0x916eb0c8fd55a072].
+Please report security bugs to security@qutebrowser.org
+(or if GPG encryption is desired, contact me@the-compiler.org with GPG ID
+https://www.the-compiler.org/pubkey.asc[0x916EB0C8FD55A072]).
+
+Alternatively,
+https://github.com/qutebrowser/qutebrowser/security/advisories/new[report a vulnerability]
+via GitHub's
+https://docs.github.com/en/code-security/security-advisories/guidance-on-reporting-and-writing/privately-reporting-a-security-vulnerability[private reporting feature].
Requirements
------------
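Review bot: The GPG key in the added lines is identified only by the 64-bit key ID 0x916EB0C8FD55A072, which does not let a reporter authenticate the key they download from the linked pubkey.asc. Suggest printing the full fingerprint next to the link so it can be compared after import. Minor style point: the context line above uses the mailto: macro for the list address, while security@qutebrowser.org and me@the-compiler.org are added as bare text.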
diff --git a/doc/qutebrowser.1.asciidoc b/doc/qutebrowser.1.asciidoc
index e83a4da0b..0f8a55680 100644
--- a/doc/qutebrowser.1.asciidoc
+++ b/doc/qutebrowser.1.asciidoc
@@ -133,8 +133,14 @@ If you prefer, you can also write to the
https://listi.jpberlin.de/mailman/listinfo/qutebrowser[mailinglist] at
mailto:qutebrowser@lists.qutebrowser.org[] instead.
-For security bugs, please contact me directly at me@the-compiler.org, GPG ID
-https://www.the-compiler.org/pubkey.asc[0xFD55A072].
+For security bugs, please contact security@qutebrowser.org (or if GPG
+encryption is desired, contact me@the-compiler.org with GPG ID
+https://www.the-compiler.org/pubkey.asc[0x916EB0C8FD55A072]).
+
+Alternatively,
+https://github.com/qutebrowser/qutebrowser/security/advisories/new[report a vulnerability]
+via GitHub's
+https://docs.github.com/en/code-security/security-advisories/guidance-on-reporting-and-writing/privately-reporting-a-security-vulnerability[private reporting feature].
== COPYRIGHT
This program is free software: you can redistribute it and/or modify it under
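Review bot: The added sentence opens with "For security bugs, please contact security@qutebrowser.org", while the README.asciidoc hunk uses "Please report security bugs to security@qutebrowser.org" for the same instruction. If the man page and the README are meant to carry the same reporting text, use one wording in both so future changes to the contact details can be applied to each file without rephrasing.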