projects / thirdparty / systemd.git / blame
| Commit | Line | Data |
|---|---|---|
| 153d5975 | 1 | --- |
| b35ec8de | 2 | title: Reporting of Security Vulnerabilities |
| 4cdca0af | 3 | category: Contributing |
| b41a3f66 | 4 | layout: default |
| 0aff7b75 | 5 | SPDX-License-Identifier: LGPL-2.1-or-later |
| 153d5975 ZJS |
6 | --- |
| 7 | ||
| b35ec8de | 8 | # Reporting of Security Vulnerabilities |
| 153d5975 | 9 | |
| f20078df ZJS |
10 | If you discover a security vulnerability, we'd appreciate a non-public disclosure. systemd developers can be contacted privately on the **[systemd-security@redhat.com](mailto:systemd-security@redhat.com) mailing list**. The disclosure will be coordinated with distributions. |
| 11 | ||
| 12 | (The [issue tracker](https://github.com/systemd/systemd/issues) and [systemd-devel mailing list](https://lists.freedesktop.org/mailman/listinfo/systemd-devel) are fully public.) | |
| 154962d3 ZJS |
13 | |
| 14 | Subscription to the systemd-security mailing list is open to **regular systemd contributors and people working in the security teams of various distributions**. Those conditions should be backed by publicly accessible information (ideally, a track of posts and commits from the mail address in question). If you fall into one of those categories and wish to be subscribed, submit a **[subscription request](https://www.redhat.com/mailman/listinfo/systemd-security)**. |