doc: Improve security reporting guidelines

See #7524
author: Florian Bruhin <me@the-compiler.org> 2022-12-13 14:24:32 +0100
committer: Florian Bruhin <me@the-compiler.org> 2022-12-13 14:24:32 +0100
commit: 9bf258c8f8fa2c255be92535a64fd356146d8482 (patch)
tree: 90a4a3747a209cb1faee154775bf7041e38ecb24 /doc
parent: 5afc8a68191160f8d5c74b92874a0032d3c1996e (diff)
download: qutebrowser-9bf258c8f8fa2c255be92535a64fd356146d8482.tar.gz
qutebrowser-9bf258c8f8fa2c255be92535a64fd356146d8482.zip
1 files changed, 8 insertions, 2 deletions
diff --git a/doc/qutebrowser.1.asciidoc b/doc/qutebrowser.1.asciidoc
index e83a4da0b..0f8a55680 100644
--- a/doc/qutebrowser.1.asciidoc
+++ b/doc/qutebrowser.1.asciidoc
@@ -133,8 +133,14 @@ If you prefer, you can also write to the
 https://listi.jpberlin.de/mailman/listinfo/qutebrowser[mailinglist] at
 mailto:qutebrowser@lists.qutebrowser.org[] instead.
 
-For security bugs, please contact me directly at me@the-compiler.org, GPG ID
-https://www.the-compiler.org/pubkey.asc[0xFD55A072].
+For security bugs, please contact security@qutebrowser.org (or if GPG
+encryption is desired, contact me@the-compiler.org with GPG ID
+https://www.the-compiler.org/pubkey.asc[0x916EB0C8FD55A072]).
+
+Alternatively,
+https://github.com/qutebrowser/qutebrowser/security/advisories/new[report a vulnerability]
+via GitHub's
+https://docs.github.com/en/code-security/security-advisories/guidance-on-reporting-and-writing/privately-reporting-a-security-vulnerability[private reporting feature].
 
 == COPYRIGHT
 This program is free software: you can redistribute it and/or modify it under
author	Florian Bruhin <me@the-compiler.org>	2022-12-13 14:24:32 +0100
committer	Florian Bruhin <me@the-compiler.org>	2022-12-13 14:24:32 +0100
commit	9bf258c8f8fa2c255be92535a64fd356146d8482 (patch)
tree	90a4a3747a209cb1faee154775bf7041e38ecb24 /doc
parent	5afc8a68191160f8d5c74b92874a0032d3c1996e (diff)
download	qutebrowser-9bf258c8f8fa2c255be92535a64fd356146d8482.tar.gz qutebrowser-9bf258c8f8fa2c255be92535a64fd356146d8482.zip