Update DOI security email address

We now have a Docker alias for this 🎉
vakarisbk · Apr 17, 2023 · e573c66 · e573c66
1 parent 18d0bdd
commit e573c66
Show file tree

Hide file tree

Showing 2 changed files with 2 additions and 2 deletions.
diff --git a/README.md b/README.md
@@ -301,7 +301,7 @@ Official Repositories that require additional privileges should specify the mini
 
 For image updates which constitute a security fix, there are a few things we recommend to help ensure your update is merged, built, and released as quickly as possible:
 
-1.	[Send an email to `doi-security@infosiftr.com`](mailto:doi-security@infosiftr.com) a few (business) days in advance to give us a heads up and a timing estimate (so we can schedule time for the incoming update appropriately).
+1.	[Send an email to `doi@docker.com`](mailto:doi@docker.com) a few (business) days in advance to give us a heads up and a timing estimate (so we can schedule time for the incoming update appropriately).
 2.	Include `[security]` in the title of your pull request (for example, `[security] Update FooBar to 1.2.5, 1.3.7, 2.0.1`).
 3.	Keep the pull request free of changes that are unrelated to the security fix -- we'll still be doing review of the update, but it will be expedited so this will help us help you.
 4.	Be active and responsive to comments on the pull request after it's opened (as usual, but even more so if the timing of the release is of importance).

diff --git a/SECURITY.md b/SECURITY.md
@@ -4,6 +4,6 @@ If you believe you have found a security vulnerability, please make every effort
 
 When the issue relates to a specific image, please make an effort to (privately) contact the maintainers of that specific image.  Some maintainers publish/maintain a `SECRUITY.md` in their GitHub repository, for example, which can be a great place to find information about how to report an issue appropriately.
 
-For issues related to anything maintained under [@docker-library on GitHub](https://github.com/docker-library) or associated infrastructure, please [send an email to `doi-security@infosiftr.com`](mailto:doi-security@infosiftr.com).
+For issues related to anything maintained under [@docker-library on GitHub](https://github.com/docker-library) or associated infrastructure, please [send an email to `doi@docker.com`](mailto:doi@docker.com) or [use GitHub's security advisory feature](https://github.com/docker-library/official-images/security/advisories/new).
 
 Image maintainers should also be aware of the ["Security Releases" section of the maintainer documentation](https://github.com/docker-library/official-images#security-releases) for pre-notifying the project maintainers of upcoming security-related releases.