Auto merge of #4958 - zcash:4957_add_foundation_to_responsible_disclosure_list, r=str4d
Add Zcash Foundation to disclosure partners list Adding the newly-negotiated agreement with the Foundation to our public commitment.
This commit is contained in:
commit
f0dcc1dbbe
|
@ -49,8 +49,9 @@ In the case where we fix a security issue in Zcash that also affects the followi
|
|||
|
||||
We have set up agreements with the following neighboring projects to share vulnerability information, subject to the deviations described in the next section.
|
||||
|
||||
Specifically, we have agreed to engage in responsible disclosures for security issues affecting Zcash technology with the following contacts:
|
||||
Specifically, we have agreed to engage in responsible disclosures for security issues affecting this repository with the following contacts:
|
||||
|
||||
- Zcash Foundation https://github.com/ZcashFoundation/zebra/security/policy
|
||||
- Horizen security@horizen.com via PGP
|
||||
- Komodo ca333@komodoplatform.com via PGP
|
||||
- BitcoinABC https://github.com/Bitcoin-ABC/bitcoin-abc/blob/master/DISCLOSURE_POLICY.md
|
||||
|
@ -63,4 +64,3 @@ The standard describes reporters of vulnerabilities including full details of an
|
|||
|
||||
In the case of a counterfeiting bug, however, just like in CVE-2019-7167, we might decide not to include those details with our reports to partners ahead of coordinated release, so long as we are sure that they are vulnerable.
|
||||
|
||||
|
Loading…
Reference in New Issue