besu/SECURITY.md

# Hyperledger Security Policy

## Reporting a Security Bug

If you think you have discovered a security issue in any of the Hyperledger projects, we'd love to
hear from you. We will take all security bugs seriously and if confirmed upon investigation we will
patch it within a reasonable amount of time and release a public security bulletin discussing the
impact and credit the discoverer.

There are two ways to report a security bug. The easiest is to email a description of the flaw and
any related information (e.g. reproduction steps, version) to
[security at hyperledger dot org](mailto:security@hyperledger.org).

The other way is to file a confidential security bug in our
[JIRA bug tracking system](https://jira.hyperledger.org). Be sure to set the “Security Level” to
“Security issue”.

The process by which the Hyperledger Security Team handles security bugs is documented further in
our [Defect Response page](https://wiki.hyperledger.org/display/SEC/Defect+Response) on our
[wiki](https://wiki.hyperledger.org).
roll back on ALL-CAPS.md files for TSC proposal (#376) Signed-off-by: Felipe Faraggi <felipefaraggi@gmail.com> 5 years ago			`# Hyperledger Security Policy`

			`## Reporting a Security Bug`

Update Code of Conduct and Security (#446) This brings our code of conduct and security file in line with automated checks. The changes to `SECURITY.md` are mostly formatting, adding newlines so it line wraps at 80 lines and fixing a dead link. The `CODE_OF_CONDUCT.md` is a more substantial change. Rather than the being subject to both the contributor covenant and the Hyperledger CoC this change makes the project only subject to the Hyperledger CoC. Signed-off-by: Danno Ferrin <danno.ferrin@gmail.com> 5 years ago			`If you think you have discovered a security issue in any of the Hyperledger projects, we'd love to`
			`hear from you. We will take all security bugs seriously and if confirmed upon investigation we will`
			`patch it within a reasonable amount of time and release a public security bulletin discussing the`
			`impact and credit the discoverer.`
roll back on ALL-CAPS.md files for TSC proposal (#376) Signed-off-by: Felipe Faraggi <felipefaraggi@gmail.com> 5 years ago
Update Code of Conduct and Security (#446) This brings our code of conduct and security file in line with automated checks. The changes to `SECURITY.md` are mostly formatting, adding newlines so it line wraps at 80 lines and fixing a dead link. The `CODE_OF_CONDUCT.md` is a more substantial change. Rather than the being subject to both the contributor covenant and the Hyperledger CoC this change makes the project only subject to the Hyperledger CoC. Signed-off-by: Danno Ferrin <danno.ferrin@gmail.com> 5 years ago			`There are two ways to report a security bug. The easiest is to email a description of the flaw and`
			`any related information (e.g. reproduction steps, version) to`
			`[security at hyperledger dot org](mailto:security@hyperledger.org).`
roll back on ALL-CAPS.md files for TSC proposal (#376) Signed-off-by: Felipe Faraggi <felipefaraggi@gmail.com> 5 years ago
Update Code of Conduct and Security (#446) This brings our code of conduct and security file in line with automated checks. The changes to `SECURITY.md` are mostly formatting, adding newlines so it line wraps at 80 lines and fixing a dead link. The `CODE_OF_CONDUCT.md` is a more substantial change. Rather than the being subject to both the contributor covenant and the Hyperledger CoC this change makes the project only subject to the Hyperledger CoC. Signed-off-by: Danno Ferrin <danno.ferrin@gmail.com> 5 years ago			`The other way is to file a confidential security bug in our`
			`[JIRA bug tracking system](https://jira.hyperledger.org). Be sure to set the “Security Level” to`
			`“Security issue”.`
roll back on ALL-CAPS.md files for TSC proposal (#376) Signed-off-by: Felipe Faraggi <felipefaraggi@gmail.com> 5 years ago
Update Code of Conduct and Security (#446) This brings our code of conduct and security file in line with automated checks. The changes to `SECURITY.md` are mostly formatting, adding newlines so it line wraps at 80 lines and fixing a dead link. The `CODE_OF_CONDUCT.md` is a more substantial change. Rather than the being subject to both the contributor covenant and the Hyperledger CoC this change makes the project only subject to the Hyperledger CoC. Signed-off-by: Danno Ferrin <danno.ferrin@gmail.com> 5 years ago			`The process by which the Hyperledger Security Team handles security bugs is documented further in`
			`our [Defect Response page](https://wiki.hyperledger.org/display/SEC/Defect+Response) on our`
			`[wiki](https://wiki.hyperledger.org).`