CTCaer/switch-l4t-atf
1
0
Fork 0
mirror of https://github.com/CTCaer/switch-l4t-atf.git synced 2025-02-21 11:00:28 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

doc: Emphasize that security issues must not be reported as normal bugs

Browse Source 
Change-Id: I43e452c9993a8608b20ec029562982f5dcf8e6b2
Signed-off-by: Sandrine Bailleux <sandrine.bailleux@arm.com>
This commit is contained in:
Sandrine Bailleux 2020-08-12 10:52:32 +02:00
parent a88b3c296a
commit ecad5b8966
1 changed files with 9 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

16
docs/process/security.rst
View File

@ -20,13 +20,15 @@ Found a Security Issue?
Although we try to keep TF-A secure, we can only do so with the help of the
community of developers and security researchers.
If you think you have found a security vulnerability, please **do not** report
it in the `issue tracker`_ or on the `mailing list`_. Instead, please follow the
`TrustedFirmware.org security incident process`_. One of the goals of this
process is to ensure providers of products that use TF-A have a chance to
consider the implications of the vulnerability and its remedy before it is made
public. As such, please follow the disclosure plan outlined in the process. We
do our best to respond and fix any issues quickly.
.. warning::
If you think you have found a security vulnerability, please **do not**
report it in the `issue tracker`_ or on the `mailing list`_. Instead, please
follow the `TrustedFirmware.org security incident process`_.
One of the goals of this process is to ensure providers of products that use
TF-A have a chance to consider the implications of the vulnerability and its
remedy before it is made public. As such, please follow the disclosure plan
outlined in the process. We do our best to respond and fix any issues quickly.
Afterwards, we encourage you to write-up your findings about the TF-A source
code.