Mercurial > mplayer.hg
changeset 18061:38e5974fa140
Explain how security issues should be reported, based on a patch by Ivann, featuring Reimar's suggestions
+ email scrambling using this form: http://www.golivecentral.com/pages/txttut/scramble.shtml (I hope it will be enough not to get too much spam though this link)
| author | gpoirier |
|---|---|
| date | Sun, 09 Apr 2006 12:45:49 +0000 |
| parents | cbc29633fbee |
| children | 1d9a88da6a52 |
| files | DOCS/xml/en/bugreports.xml |
| diffstat | 1 files changed, 14 insertions(+), 0 deletions(-) [+] |
line wrap: on
line diff
--- a/DOCS/xml/en/bugreports.xml Sun Apr 09 12:13:59 2006 +0000 +++ b/DOCS/xml/en/bugreports.xml Sun Apr 09 12:45:49 2006 +0000 @@ -11,6 +11,20 @@ that you have to provide <emphasis role="bold">all</emphasis> of the information we request and follow the instructions in this document closely. </para> +<sect1 id="bugreports_security"> +<title>Report security releated bugs</title> +<para> +In case you have found an exploitable bug and you would like to do the +right thing and let us fix it before you disclose it, we would be happy +to get your security advisory at +<ulink url="mailto:security@mplayerhq.hu">security@mplayerhq.hu</ulink>. +Please add [SECURITY] or [ADVISORY] in the subject. +Be sure that your report contains complete and detailed analysis of the bug. +Sending a fix is highly appreciated. +Please don't delay your report to write proof-of-concept exploit, you can +send that one with another mail. +</para> +</sect1> <sect1 id="bugreports_fix"> <title>How to fix bugs</title> <para>