docs: say that the github form is preferred for security vulnerabilities

author Zbigniew Jędrzejewski-Szmek <zbyszek@amutable.com>

Mon, 1 Jun 2026 12:20:47 +0000 (14:20 +0200)

committer Luca Boccassi <luca.boccassi@gmail.com>

Mon, 1 Jun 2026 14:06:20 +0000 (15:06 +0100)
author Zbigniew Jędrzejewski-Szmek <zbyszek@amutable.com>
Mon, 1 Jun 2026 12:20:47 +0000 (14:20 +0200)
committer Luca Boccassi <luca.boccassi@gmail.com>
Mon, 1 Jun 2026 14:06:20 +0000 (15:06 +0100)
diff --git a/docs/SECURITY.md b/docs/SECURITY.md

index 6a3102a7174162a7f2358b6e10f6a8a87ed242dd..2caeb102aa4b49b6f8adda9542c352f8e95bc069 100644 (file)
--- a/docs/SECURITY.md
+++ b/docs/SECURITY.md
@@ -8,8 +8,8 @@ SPDX-License-Identifier: LGPL-2.1-or-later
  # Reporting of Security Vulnerabilities
  
  If you discover a security vulnerability, we'd appreciate a non-public disclosure.
-systemd developers can be contacted privately by creating a new **[Security Advisory on GitHub](https://github.com/systemd/systemd/security/advisories/new)**
-or via the **[systemd-security@redhat.com](mailto:systemd-security@redhat.com) mailing list**.
+systemd developers can be contacted privately by creating a new **[Security Advisory on GitHub](https://github.com/systemd/systemd/security/advisories/new)** (preferred)
+or via the [systemd-security@redhat.com](mailto:systemd-security@redhat.com) mailing list.
  The disclosure will be coordinated with distributions.
  
  (The [issue tracker](https://github.com/systemd/systemd/issues) and [systemd-devel mailing list](https://lists.freedesktop.org/mailman/listinfo/systemd-devel) are fully public.)
author	Zbigniew Jędrzejewski-Szmek <zbyszek@amutable.com>
	Mon, 1 Jun 2026 12:20:47 +0000 (14:20 +0200)
committer	Luca Boccassi <luca.boccassi@gmail.com>
	Mon, 1 Jun 2026 14:06:20 +0000 (15:06 +0100)