tonyair/silverstripe-framework
1
0
Fork 0
mirror of https://github.com/silverstripe/silverstripe-framework synced 2024-10-22 14:05:37 +02:00
Code Issues Projects Releases Wiki Activity

Clarify docs around security releases on supported modules

Browse Source
This commit is contained in:
Ingo Schommer 2018-03-07 11:07:17 +13:00
parent e0b94e6971
commit 13c9372a1d
1 changed files with 5 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
docs/en/05_Contributing/04_Release_Process.md
View File

@ -105,12 +105,15 @@ SS_DEPRECATION_ENABLED="0"
### Reporting an issue
Report security issues to [security@silverstripe.com](mailto:security@silverstripe.com).
Report security issues in our [commercially supported modules](https://www.silverstripe.org/software/addons/silverstripe-commercially-supported-module-list/)
to [security@silverstripe.com](mailto:security@silverstripe.com).
Please don't file security issues in our [bugtracker](issues_and_bugs).
### Acknowledgment and disclosure
In the event of a confirmed vulnerability in SilverStripe core, we will take the following actions:
In the event of a confirmed vulnerability in our
[supported modules](https://www.silverstripe.org/software/addons/silverstripe-commercially-supported-module-list/),
we will take the following actions:
* Acknowledge to the reporter that weve received the report and that a fix is forthcoming. Well give a rough
timeline and ask the reporter to keep the issue confidential until we announce it.