There is no point in having the special process if a contributor refuses or doesn't agree with the confidentiality terms.
Signed-off-by: Flavio Leitner <f...@redhat.com> --- SECURITY.md | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/SECURITY.md b/SECURITY.md index e1db4cb..e66a43f 100644 --- a/SECURITY.md +++ b/SECURITY.md @@ -108,8 +108,7 @@ Steps 3a and 3b may proceed in parallel. The security team develops and obtains (private) reviews for patches that fix the vulnerability. If necessary, the security team pulls in -additional developers, who should be asked to maintain -confidentiality. +additional developers, who must agree to maintain confidentiality. Step 4: Embargoed Disclosure -- 2.1.0 _______________________________________________ dev mailing list dev@openvswitch.org http://openvswitch.org/mailman/listinfo/dev
