RFR: 8340815: Add SECURITY.md file
George Adams
gdams at openjdk.org
Tue Sep 24 13:36:20 UTC 2024
Currently the [security tab](https://github.com/openjdk/jdk/security) on the GitHub repos is empty with no clear information or links on where to report security vulnerabilities.
<img width="1278" alt="Screenshot 2024-09-24 at 14 28 37" src="https://github.com/user-attachments/assets/4fd68f9f-46d8-4c06-ad71-52747c8f5cf2">
I've made an exact copy of https://openjdk.org/groups/vulnerability/report which hasn't changed since 2019 so is unlikely to require regular updating. The other option is that we simply provide a link in the security file to this policy on the website? I'm happy with either approach.
-------------
Commit messages:
- 8340815: Add SECURITY.md file
Changes: https://git.openjdk.org/jdk/pull/21155/files
Webrev: https://webrevs.openjdk.org/?repo=jdk&pr=21155&range=00
Issue: https://bugs.openjdk.org/browse/JDK-8340815
Stats: 19 lines in 1 file changed: 19 ins; 0 del; 0 mod
Patch: https://git.openjdk.org/jdk/pull/21155.diff
Fetch: git fetch https://git.openjdk.org/jdk.git pull/21155/head:pull/21155
PR: https://git.openjdk.org/jdk/pull/21155
More information about the build-dev
mailing list