-
-
Notifications
You must be signed in to change notification settings - Fork 110
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Update wording in ussue template and security reporting
- Loading branch information
1 parent
16cf8cf
commit 170a0d8
Showing
2 changed files
with
9 additions
and
9 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
|
|
@@ -2,20 +2,20 @@ | |
|
|
||
| ## Reporting a Vulnerability | ||
|
|
||
| It is highly appreciated to report a vulnerability to the Monal developers. We ask you for | ||
| disclosure until it has been fixed. This prevents abuse and exploitation in the current published releases. | ||
| It is highly appreciated to report a vulnerability to the Monal developers. We kindly ask you to not | ||
| disclose it until it has been fixed. This prevents abuse and exploitation in the current published releases. | ||
|
|
||
| Please report issues directly to [email protected]. | ||
| Please report issues directly via mail to [email protected]. | ||
|
|
||
| Please try to report | ||
| - in detail what you are concerned about | ||
| Please try to report in detail: | ||
| - what you are concerned about | ||
| - if applicable, how to reproduce | ||
| - your contact details, if the sending email is not enough. That way we can ask questions back to you. | ||
|
|
||
| You are also invited to make a recommendation on how to fix a potential security vulnerability. | ||
|
|
||
| Once a vulnerability has been announced and indicated we try our very best to provide a fix as soon as possible, | ||
| at its best within days. However, dependent on the potential issue it can take longer if many code sections need to be changed. | ||
| Please be reminded that this is a non-commercial software project. | ||
| Once a vulnerability has been reported and confirmed we try our very best to provide a fix as soon as possible, | ||
| at its best within days. However, depending on the potential issue it can take longer if many code sections need to be changed. | ||
| Please keep in mind that this is a non-commercial software project run by volunteers. | ||
|
|
||
| Thank you for considering to report a security vulnerability. This improves the quality of the app significantly. | ||