Commit ecad5b89 authored by Sandrine Bailleux's avatar Sandrine Bailleux
Browse files

doc: Emphasize that security issues must not be reported as normal bugs



Change-Id: I43e452c9993a8608b20ec029562982f5dcf8e6b2
Signed-off-by: default avatarSandrine Bailleux <sandrine.bailleux@arm.com>
parent a88b3c29
......@@ -20,13 +20,15 @@ Found a Security Issue?
Although we try to keep TF-A secure, we can only do so with the help of the
community of developers and security researchers.
If you think you have found a security vulnerability, please **do not** report
it in the `issue tracker`_ or on the `mailing list`_. Instead, please follow the
`TrustedFirmware.org security incident process`_. One of the goals of this
process is to ensure providers of products that use TF-A have a chance to
consider the implications of the vulnerability and its remedy before it is made
public. As such, please follow the disclosure plan outlined in the process. We
do our best to respond and fix any issues quickly.
.. warning::
If you think you have found a security vulnerability, please **do not**
report it in the `issue tracker`_ or on the `mailing list`_. Instead, please
follow the `TrustedFirmware.org security incident process`_.
One of the goals of this process is to ensure providers of products that use
TF-A have a chance to consider the implications of the vulnerability and its
remedy before it is made public. As such, please follow the disclosure plan
outlined in the process. We do our best to respond and fix any issues quickly.
Afterwards, we encourage you to write-up your findings about the TF-A source
code.
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment