containers/bootc
1
0
Fork 0
mirror of https://github.com/containers/bootc.git synced 2026-02-05 06:45:13 +01:00
Code Issues Activity
Files
3a0c6abd9bc79f07302b27bf66f63c3943e7a6c8
bootc/SECURITY.md

20 lines
921 B
Markdown
Raw Normal View History

GOVERNANCE: Add Governance doc for CNCF onboarding This is implementing https://github.com/cncf/project-template/blob/main/GOVERNANCE-maintainer.md Co-authored-by: Colin Walters <walters@verbum.org> Signed-off-by: Joseph Marrero Corchado <jmarrero@redhat.com> Signed-off-by: Colin Walters <walters@verbum.org>
2025-03-10 21:09:57 -04:00
# Security Policy
## Reporting a Vulnerability
If you find a potential security vulnerability in bootc, please report it by following these steps:
### 1. **Use the GitHub Security Tab**
This repository is set up to allow vulnerability reports through GitHub's Security Advisories feature. To report a vulnerability:
1. Navigate to the repository's main page.
2. Select the [**Security**](https://github.com/bootc-dev/bootc/security) tab.
3. Select **Advisories** from the left-hand sidebar.
4. Click on **Report a vulnerability**.
5. Fill in the required details and submit the report.
Following this process will create a private advisory for our maintainers to review.
### 2. **Do Not Open Public Pull Requests, Issues, or Discussions**
Please **do not** discuss the issue, create PRs, or start discussions about the vulnerability. This ensures the vulnerability is not widely exploited before a fix is provided.
Copy Permalink