blockworks-foundation
/
solana
mirror of https://github.com/blockworks-foundation/solana.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

Update SECURITY.md

This commit is contained in:
scriptrunner2049 2022-05-18 00:23:21 +08:00 committed by GitHub
parent 85a2e599bb
commit dd22b0cb84
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 6 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
SECURITY.md
View File

@ -59,12 +59,12 @@ Once the fix has been deployed to the security group validators, the patches fro
### 7. Security Advisory Bounty Accounting and Cleanup
If this issue is eligible for a bounty, prefix the title of the security advisory with one of the following, depending on the severity:
[Bounty Category: Critical: Loss of Funds]
[Bounty Category: Critical: Consensus / Safety Violations]
[Bounty Category: Critical: Liveness / Loss of Availability]
[Bounty Category: Critical: DoS Attacks]
[Bounty Category: Supply Chain Attacks]
[Bounty Category: RPC]
- [Bounty Category: Critical: Loss of Funds]
- [Bounty Category: Critical: Consensus / Safety Violations]
- [Bounty Category: Critical: Liveness / Loss of Availability]
- [Bounty Category: Critical: DoS Attacks]
- [Bounty Category: Supply Chain Attacks]
- [Bounty Category: RPC]
Confirm with the reporter that they agree with the severity assessment, and discuss as required to reach a conclusion.
We currently do not use the Github workflow to publish security advisories. Once the issue and fix have been disclosed, and a bounty category is assessed if appropriate, the GitHub security advisory is no longer needed and can be closed.