gre-ilya/libuv
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Update vulnerability reporting instructions in SECURITY.md

Browse Source 
Corrected the phrasing regarding the reporting of security vulnerabilities and clarified the email address for reporting.
This commit is contained in:
Jameson Nash 2026-03-29 08:37:02 -04:00 committed by GitHub
parent a38b6bfc1e
commit 31f6d2cf86
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
SECURITY.md
View File

@ -10,7 +10,7 @@ Currently, we are providing security updates for the latest release in the v1.x
## Reporting a Vulnerability ## Reporting a Vulnerability
If you believe you have found an active security vulnerability in `libuv`, please use the libuv-security@googlegroups.com to report it to us. Please report all other issues on the github issue tracker. We have been forced to terminate the ability to use Github's private vulnerability reporting due to a flood of AI-generate report spam, and a lack of sufficient moderation tools to manage the false reports. If you believe you have found an active security vulnerability in `libuv`, please report it to libuv-security@googlegroups.com. Please report all other issues on the github issue tracker. We have been forced to terminate the ability to use Github's private vulnerability reporting due to a flood of AI-generated report spam, and a lack of sufficient moderation tools to manage the false reports.
This will allow us to assess the risk and make a fix available before we add a bug report to the GitHub repository and issue a Github security advisory and assign a CVE. This will allow us to assess the risk and make a fix available before we add a bug report to the GitHub repository and issue a Github security advisory and assign a CVE.