You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@solr.apache.org by ho...@apache.org on 2022/10/31 20:42:41 UTC
[solr-site] 01/01: Warn about scans in security section.
This is an automated email from the ASF dual-hosted git repository.
houston pushed a commit to branch vuln-scans
in repository https://gitbox.apache.org/repos/asf/solr-site.git
commit 322d09574fea4a3b55264d767aee6679a6fd6423
Author: Houston Putman <ho...@apache.org>
AuthorDate: Mon Oct 31 16:42:36 2022 -0400
Warn about scans in security section.
Hopefully less people will email the list with these issues.
---
content/pages/security.md | 3 +++
1 file changed, 3 insertions(+)
diff --git a/content/pages/security.md b/content/pages/security.md
index 7ed73b1e5..0a8516d70 100644
--- a/content/pages/security.md
+++ b/content/pages/security.md
@@ -7,6 +7,9 @@ template: security
If you believe you have discovered a vulnerability in Solr, you may first want to consult the [list of known false positives](https://cwiki.apache.org/confluence/display/SOLR/SolrSecurity#SolrSecurity-SolrandVulnerabilityScanningTools) to make sure you are reporting a real vulnerability.
Then please disclose responsibly by following [these ASF guidelines](https://www.apache.org/security/) for reporting.
+The Solr PMC will not accept the output of a vulnerability scan as a security report.
+Please do not email the security list with issues on Solr dependencies or outputs from vulnerability scanning tools.
+
You may file your request by email to <ma...@solr.apache.org>.
## More information