Commit c211c3dd8dddee529dcabfe67b89839890ec1abf
1 parent
8c21beb3
doc: updated SECURITY with a link to reporting via Github
Showing
1 changed file
with
6 additions
and
3 deletions
SECURITY.md
| @@ -15,12 +15,15 @@ currently being supported with security updates: | @@ -15,12 +15,15 @@ currently being supported with security updates: | ||
| 15 | ## Reporting a Vulnerability | 15 | ## Reporting a Vulnerability |
| 16 | 16 | ||
| 17 | If you would like to report a vulnerability affecting the oletools project, | 17 | If you would like to report a vulnerability affecting the oletools project, |
| 18 | -please send a first email to decalage at laposte dot net, without giving | ||
| 19 | -technical details. You will then be provided with a GPG key to send | 18 | +you may use the link "[Report a vulnerability](https://github.com/decalage2/oletools/security/advisories/new)" |
| 19 | +on Github. | ||
| 20 | + | ||
| 21 | +If you prefer not to use Github, please send a first email to decalage at laposte dot net, without giving | ||
| 22 | +technical details. You will then be provided with a GPG public key to send | ||
| 20 | encrypted emails. | 23 | encrypted emails. |
| 21 | 24 | ||
| 22 | Alternatively you may also contact me via X/Twitter, Mastodon or BlueSky | 25 | Alternatively you may also contact me via X/Twitter, Mastodon or BlueSky |
| 23 | -using private messages (see https://linktr.ee/decalage). | 26 | +using private messages (see https://linktr.ee/decalage) to get the GPG key. |
| 24 | 27 | ||
| 25 | Please note that oletools is a non-commercial open-source project maintained | 28 | Please note that oletools is a non-commercial open-source project maintained |
| 26 | on my spare time. I will do my best to answer in due time and fix | 29 | on my spare time. I will do my best to answer in due time and fix |