You are viewing a plain text version of this content. The canonical link for it is here.

Posted to commits@spamassassin.apache.org by Apache Wiki <wi...@apache.org> on 2018/02/18 22:55:04 UTC

[Spamassassin Wiki] Update of "SecurityPolicy" by SidneyMarkowitz

Dear Wiki user,

You have subscribed to a wiki page or wiki category on "Spamassassin Wiki" for change notification.

The "SecurityPolicy" page has been changed by SidneyMarkowitz:
https://wiki.apache.org/spamassassin/SecurityPolicy?action=diff&rev1=4&rev2=5

Comment:
Add explicit reporting process

  = Our Security Policy =
+ 
+ === Reporting a vulnerability ===
+ 
+ To report a vulnerability you can either email security /at/ spamassassin.apache.org or open a bugzilla issue being very careful to set the Component to Security so that it is not generally visible. If you create the bug report you will have access to it, as will the security team.
+ 
+ === Security team process ===
  
  Once a potential vulnerability is reported to the committers, and has been verified to be an issue, here's what to do (based on what we did for bug 5480):