From 376d301f7fa30067653e01d8b60c4c269e5d4b83 Mon Sep 17 00:00:00 2001 From: WalkerWatch Date: Mon, 6 Feb 2017 17:18:03 -0500 Subject: [PATCH] Updating contribution instructions for security issues. Signed-off-by: WalkerWatch --- CONTRIBUTING.md | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md index 3858e9bd5cb..90a9c7039dc 100644 --- a/CONTRIBUTING.md +++ b/CONTRIBUTING.md @@ -52,3 +52,13 @@ Create a new bug Be sure to search for existing bugs before you create another one. Remember that contributions are always welcome! - [https://github.com/eclipse/jetty.project/issues](https://github.com/eclipse/jetty.project/issues) + +Reporting Security Issues +----------------- +There are a number of avenues for reporting security issues to the Jetty project available. +If the issue is directly related to Jetty itself then reporting to the Jetty developers is encouraged. +The most direct method is to mail [security@webtide.com](mailto:security@webtide.com). +Webtide is comprised of the active committers of the Jetty project is our preferred reporting method. +We are flexible in how we work with reporters of security issues but we reserve the right to act in the interests of the Jetty project in all circumstances. + +If the issue is related to Eclipse or its Jetty integration then we encourage you to reach out to [security@eclipse.org](mailto:security@eclipse.org).