Merge changes from topic "sb/contribution-guidelines" into integration
* changes: doc: Mention the TF-A Tech Forum as a way to contact developers doc: Emphasize that security issues must not be reported as normal bugs
This commit is contained in:
commit
fe6a3d1a33
|
@ -24,6 +24,15 @@ The relevant lists for the TF-A project are:
|
|||
|
||||
You can see a `summary of all the lists`_ on the TrustedFirmware.org website.
|
||||
|
||||
Open Tech Forum Call
|
||||
^^^^^^^^^^^^^^^^^^^^
|
||||
|
||||
Every other week, we organize a call with all interested TF-A contributors.
|
||||
Anyone is welcome to join. This is an opportunity to discuss any technical
|
||||
topic within the community. More details can be found `here`_.
|
||||
|
||||
.. _here: https://www.trustedfirmware.org/meetings/tf-a-technical-forum/
|
||||
|
||||
Issue Tracker
|
||||
^^^^^^^^^^^^^
|
||||
|
||||
|
|
|
@ -20,13 +20,15 @@ Found a Security Issue?
|
|||
Although we try to keep TF-A secure, we can only do so with the help of the
|
||||
community of developers and security researchers.
|
||||
|
||||
If you think you have found a security vulnerability, please **do not** report
|
||||
it in the `issue tracker`_ or on the `mailing list`_. Instead, please follow the
|
||||
`TrustedFirmware.org security incident process`_. One of the goals of this
|
||||
process is to ensure providers of products that use TF-A have a chance to
|
||||
consider the implications of the vulnerability and its remedy before it is made
|
||||
public. As such, please follow the disclosure plan outlined in the process. We
|
||||
do our best to respond and fix any issues quickly.
|
||||
.. warning::
|
||||
If you think you have found a security vulnerability, please **do not**
|
||||
report it in the `issue tracker`_ or on the `mailing list`_. Instead, please
|
||||
follow the `TrustedFirmware.org security incident process`_.
|
||||
|
||||
One of the goals of this process is to ensure providers of products that use
|
||||
TF-A have a chance to consider the implications of the vulnerability and its
|
||||
remedy before it is made public. As such, please follow the disclosure plan
|
||||
outlined in the process. We do our best to respond and fix any issues quickly.
|
||||
|
||||
Afterwards, we encourage you to write-up your findings about the TF-A source
|
||||
code.
|
||||
|
|
Loading…
Reference in New Issue