[pulsar] branch master updated: [doc][workflow] Add Reporting Vulnerabilities section to Security Policy (#16962)

Mon, 08 Aug 2022 19:52:38 -0700 

This is an automated email from the ASF dual-hosted git repository.

liuyu pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/pulsar.git


The following commit(s) were added to refs/heads/master by this push:
     new b1ad198e101 [doc][workflow] Add Reporting Vulnerabilities section to 
Security Policy (#16962)
b1ad198e101 is described below

commit b1ad198e101a106cac1c99f0bf812a1983c4fc2c
Author: tison <[email protected]>
AuthorDate: Tue Aug 9 10:52:23 2022 +0800

    [doc][workflow] Add Reporting Vulnerabilities section to Security Policy 
(#16962)
---
 SECURITY.md                                          | 2 +-
 site2/docs/security-policy-and-supported-versions.md | 6 ++++++
 2 files changed, 7 insertions(+), 1 deletion(-)

diff --git a/SECURITY.md b/SECURITY.md
index c474eb7f4bd..7bd3ead079f 100644
--- a/SECURITY.md
+++ b/SECURITY.md
@@ -1,3 +1,3 @@
 # Security Policy
 
-The security policy and supported versions are outlined on the Pulsar website 
here: https://pulsar.apache.org/docs/security-policy-and-supported-versions/.
\ No newline at end of file
+The security policy and supported versions are outlined on the Pulsar website 
here: https://pulsar.apache.org/docs/security-policy-and-supported-versions/.
diff --git a/site2/docs/security-policy-and-supported-versions.md 
b/site2/docs/security-policy-and-supported-versions.md
index 23368650777..ac907e12c70 100644
--- a/site2/docs/security-policy-and-supported-versions.md
+++ b/site2/docs/security-policy-and-supported-versions.md
@@ -14,6 +14,12 @@ https://pulsar.apache.org/docs/en/security-overview/.
 The Pulsar community will announce security vulnerabilities and how to 
mitigate them on the [[email protected]](mailto:[email protected]).
 For instructions on how to subscribe, please see 
https://pulsar.apache.org/contact/.
 
+## Reporting Vulnerabilities
+
+The Pulsar community follows the ASF [vulnerability handling 
process](https://apache.org/security/#vulnerability-handling).
+
+To report a new vulnerability you have discovered please follow the [ASF 
vulnerability reporting 
process](https://apache.org/security/#reporting-a-vulnerability).
+
 ## Versioning Policy
 
 The Pulsar project adheres to [Semantic 
Versioning](http://semver.org/spec/v2.0.0.html). Existing releases can expect

Reply via email to