From e3b3cf27da0eca4879aebb0f65e89fd0e790072d Mon Sep 17 00:00:00 2001 From: Artem Smotrakov Date: Thu, 15 Oct 2020 20:39:37 +0200 Subject: [PATCH] Added a security policy (#10692) Motivation: The process of reporting security issues should be documented and easy to find. Modification: Added a SECURITY.md file that describes how to report a security issue. Result: It's a bit easier to find the docs that describe how security issues should be reported. Also, when someone creates an issue the repository, they will see a link to the security policy. --- SECURITY.md | 5 +++++ 1 file changed, 5 insertions(+) create mode 100644 SECURITY.md diff --git a/SECURITY.md b/SECURITY.md new file mode 100644 index 0000000000..12aa95ea99 --- /dev/null +++ b/SECURITY.md @@ -0,0 +1,5 @@ +# Reporting a security issue + +If you think the bug you found is likely to make Netty-based applications vulnerable to an attack, +please do not use our public issue tracker +but report it to [the dedicated private Google Group](https://groups.google.com/d/forum/netty-security).