This is an automated email from the ASF dual-hosted git repository.
fanningpj pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/incubator-pekko.git
The following commit(s) were added to refs/heads/main by this push:
new ec68a5280b update security docs (#114)
ec68a5280b is described below
commit ec68a5280ba7305e8c33f0fba6d2922cec81a97d
Author: PJ Fanning <[email protected]>
AuthorDate: Wed Jan 18 16:22:05 2023 +0100
update security docs (#114)
---
docs/src/main/paradox/security/index.md | 13 +++++++------
1 file changed, 7 insertions(+), 6 deletions(-)
diff --git a/docs/src/main/paradox/security/index.md
b/docs/src/main/paradox/security/index.md
index f4a20b6cd4..cd919f06be 100644
--- a/docs/src/main/paradox/security/index.md
+++ b/docs/src/main/paradox/security/index.md
@@ -2,19 +2,20 @@
## Receiving Security Advisories
-The best way to receive any and all security announcements is to subscribe to
the [Pekko security
list](https://groups.google.com/forum/#!forum/akka-security).
+The best way to receive any and all security announcements is to subscribe to
the [Apache Announce Mailing
List](https://lists.apache.org/[email protected]).
-The mailing list is very low traffic, and receives notifications only after
security reports have been managed by the core team and fixes are publicly
available.
+This mailing list has a reasonable level of traffic, and receives
notifications only after security reports have been managed by the core Apache
teams and fixes are publicly available.
+
+This mailing list also has announcements of releases for Apache projects.
## Reporting Vulnerabilities
We strongly encourage people to report such problems to our private security
mailing list first, before disclosing them in a public forum.
-Following best practice, we strongly encourage anyone to report potential
security
-vulnerabilities to [[email protected]](mailto:[email protected]) before
disclosing them in a public forum like the mailing list or as a GitHub issue.
+Please follow the [guidelines](https://www.apache.org/security/) laid down by
the Apache Security team.
-Reports to this email address will be handled by our security team, who will
work together with you
-to ensure that a fix can be provided without delay.
+Ideally, any issues affecting Apache Pekko and Akka should be reported to
Apache team first. We will share the
+report with the Lightbend Akka team.
## Security Related Documentation
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]