From: W. Felix Handte <w@felixhandte.com>
Date: Tue, 13 Feb 2024 16:51:37 +0000 (-0500)
Subject: Advertise Availability of Security Vulnerability Notifications
X-Git-Tag: v1.5.6^2~66^2
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=e13d099bf881d69d6cf8bcd5cd4f677e1ce86bea;p=thirdparty%2Fzstd.git

Advertise Availability of Security Vulnerability Notifications
---

diff --git a/SECURITY.md b/SECURITY.md
index 4e5f09cbe..a5f9a7e1f 100644
--- a/SECURITY.md
+++ b/SECURITY.md
@@ -5,3 +5,11 @@ Please do not open GitHub issues or pull requests - this makes the problem immed
 https://www.facebook.com/whitehat
 
 Meta's security team will triage your report and determine whether or not is it eligible for a bounty under our program.
+
+# Receiving Vulnerability Notifications
+
+In the case that a significant security vulnerability is reported to us or discovered by us---without being publicly known---we will, at our discretion, notify high-profile, high-exposure users of Zstandard ahead of our public disclosure of the issue and associated fix.
+
+If you believe your project would benefit from inclusion in this list, please reach out to one of the maintainers.
+
+<!-- Note to maintainers: this list is kept [here](https://fburl.com/wiki/cgc1l62x). -->