From 0c911558627a1e6e7ba95aac8c4e2dfef64e5d4b Mon Sep 17 00:00:00 2001 From: Stephen J Day Date: Mon, 30 Jan 2017 14:56:54 -0800 Subject: [PATCH] README: update security email Signed-off-by: Stephen J Day --- README.md | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/README.md b/README.md index d65261e..0f5a040 100644 --- a/README.md +++ b/README.md @@ -88,16 +88,16 @@ the alternatives you tried before submitting a PR. # Reporting security issues -The maintainers take security seriously. If you discover a security -issue, please bring it to their attention right away! +Please DO NOT file a public issue, instead send your report privately to +security@opencontainers.org. -Please DO NOT file a public issue, instead send your report privately -to security@docker.com. +The maintainers take security seriously. If you discover a security issue, +please bring it to their attention right away! -Security reports are greatly appreciated and we will publicly thank you -for it. We also like to send gifts—if you're into Docker schwag, make -sure to let us know. We currently do not offer a paid security bounty -program, but are not ruling it out in the future. +If you are reporting a security issue, do not create an issue or file a pull +request on GitHub. Instead, disclose the issue responsibly by sending an email +to security@opencontainers.org (which is inhabited only by the maintainers of +the various OCI projects). # Copyright and license