Update SECURITY.md
This commit is contained in:
parent
85a2e599bb
commit
dd22b0cb84
12
SECURITY.md
12
SECURITY.md
|
@ -59,12 +59,12 @@ Once the fix has been deployed to the security group validators, the patches fro
|
||||||
|
|
||||||
### 7. Security Advisory Bounty Accounting and Cleanup
|
### 7. Security Advisory Bounty Accounting and Cleanup
|
||||||
If this issue is eligible for a bounty, prefix the title of the security advisory with one of the following, depending on the severity:
|
If this issue is eligible for a bounty, prefix the title of the security advisory with one of the following, depending on the severity:
|
||||||
[Bounty Category: Critical: Loss of Funds]
|
- [Bounty Category: Critical: Loss of Funds]
|
||||||
[Bounty Category: Critical: Consensus / Safety Violations]
|
- [Bounty Category: Critical: Consensus / Safety Violations]
|
||||||
[Bounty Category: Critical: Liveness / Loss of Availability]
|
- [Bounty Category: Critical: Liveness / Loss of Availability]
|
||||||
[Bounty Category: Critical: DoS Attacks]
|
- [Bounty Category: Critical: DoS Attacks]
|
||||||
[Bounty Category: Supply Chain Attacks]
|
- [Bounty Category: Supply Chain Attacks]
|
||||||
[Bounty Category: RPC]
|
- [Bounty Category: RPC]
|
||||||
Confirm with the reporter that they agree with the severity assessment, and discuss as required to reach a conclusion.
|
Confirm with the reporter that they agree with the severity assessment, and discuss as required to reach a conclusion.
|
||||||
|
|
||||||
We currently do not use the Github workflow to publish security advisories. Once the issue and fix have been disclosed, and a bounty category is assessed if appropriate, the GitHub security advisory is no longer needed and can be closed.
|
We currently do not use the Github workflow to publish security advisories. Once the issue and fix have been disclosed, and a bounty category is assessed if appropriate, the GitHub security advisory is no longer needed and can be closed.
|
||||||
|
|
Loading…
Reference in New Issue