blockworks-foundation
/
solana-with-rpc-optimizations
mirror of https://github.com/blockworks-foundation/solana-with-rpc-optimizations.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Update SECURITY.md

This commit is contained in:
scriptrunner2049 2022-05-18 00:23:21 +08:00 committed by GitHub
parent 85a2e599bb
commit dd22b0cb84
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 6 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
SECURITY.md
View File

@ -59,12 +59,12 @@ Once the fix has been deployed to the security group validators, the patches fro
### 7. Security Advisory Bounty Accounting and Cleanup ### 7. Security Advisory Bounty Accounting and Cleanup
If this issue is eligible for a bounty, prefix the title of the security advisory with one of the following, depending on the severity: If this issue is eligible for a bounty, prefix the title of the security advisory with one of the following, depending on the severity:
[Bounty Category: Critical: Loss of Funds] - [Bounty Category: Critical: Loss of Funds]
[Bounty Category: Critical: Consensus / Safety Violations] - [Bounty Category: Critical: Consensus / Safety Violations]
[Bounty Category: Critical: Liveness / Loss of Availability] - [Bounty Category: Critical: Liveness / Loss of Availability]
[Bounty Category: Critical: DoS Attacks] - [Bounty Category: Critical: DoS Attacks]
[Bounty Category: Supply Chain Attacks] - [Bounty Category: Supply Chain Attacks]
[Bounty Category: RPC] - [Bounty Category: RPC]
Confirm with the reporter that they agree with the severity assessment, and discuss as required to reach a conclusion. Confirm with the reporter that they agree with the severity assessment, and discuss as required to reach a conclusion.
We currently do not use the Github workflow to publish security advisories. Once the issue and fix have been disclosed, and a bounty category is assessed if appropriate, the GitHub security advisory is no longer needed and can be closed. We currently do not use the Github workflow to publish security advisories. Once the issue and fix have been disclosed, and a bounty category is assessed if appropriate, the GitHub security advisory is no longer needed and can be closed.