Advertise Availability of Security Vulnerability Notifications

author W. Felix Handte <w@felixhandte.com>

Tue, 13 Feb 2024 16:51:37 +0000 (11:51 -0500)

committer W. Felix Handte <w@felixhandte.com>

Tue, 13 Feb 2024 16:54:59 +0000 (11:54 -0500)
author W. Felix Handte <w@felixhandte.com>
Tue, 13 Feb 2024 16:51:37 +0000 (11:51 -0500)
committer W. Felix Handte <w@felixhandte.com>
Tue, 13 Feb 2024 16:54:59 +0000 (11:54 -0500)
diff --git a/SECURITY.md b/SECURITY.md

index 4e5f09cbe1a77332c2eb47ab2595c4ba573d3ee7..a5f9a7e1fdbd0a37a838a7b17f90a39fca75ef17 100644 (file)
--- a/SECURITY.md
+++ b/SECURITY.md
@@ -5,3 +5,11 @@ Please do not open GitHub issues or pull requests - this makes the problem immed
  https://www.facebook.com/whitehat
  
  Meta's security team will triage your report and determine whether or not is it eligible for a bounty under our program.
+
+# Receiving Vulnerability Notifications
+
+In the case that a significant security vulnerability is reported to us or discovered by us---without being publicly known---we will, at our discretion, notify high-profile, high-exposure users of Zstandard ahead of our public disclosure of the issue and associated fix.
+
+If you believe your project would benefit from inclusion in this list, please reach out to one of the maintainers.
+
+<!-- Note to maintainers: this list is kept [here](https://fburl.com/wiki/cgc1l62x). -->
author	W. Felix Handte <w@felixhandte.com>
	Tue, 13 Feb 2024 16:51:37 +0000 (11:51 -0500)
committer	W. Felix Handte <w@felixhandte.com>
	Tue, 13 Feb 2024 16:54:59 +0000 (11:54 -0500)