An enterprise-grade Java-based, Apache 2.0 licensed Ethereum client https://wiki.hyperledger.org/display/besu
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
 
 
besu/SECURITY.md

23 lines
1.0 KiB

# Hyperledger Security Policy
## Reporting a Security Bug
If you think you have discovered a security issue in any of the Hyperledger
projects, we'd love to hear from you. We will take all security bugs
seriously and if confirmed upon investigation we will patch it within a
reasonable amount of time and release a public security bulletin discussing
the impact and credit the discoverer.
There are two ways to report a security bug. The easiest is to email a
description of the flaw and any related information (e.g. reproduction
steps, version) to
[security at hyperledger dot org](mailto:security@hyperledger.org).
The other way is to file a confidential security bug in our
[JIRA bug tracking system](https://jira.hyperledger.org).
Be sure to set the “Security Level” to “Security issue”.
The process by which the Hyperledger Security Team handles security bugs
is documented further in our
[Defect Response](https://wiki.hyperledger.org/display/HYP/Defect+Response)
page on our [wiki](https://wiki.hyperledger.org).