mirror of https://github.com/zulip/zulip.git
docs: Change our security contact to security@.
This has for a while been our only active Google Groups mailing list, and given that folks will guess security@ as our security contact, we might as well just standardize on that. Also tweak some ambiguous text; it wouldn't be appropriate for us to issue a CVE for e.g. an operational issue only affecting us.
This commit is contained in:
Tim Abbott
parent
2fb967b735
commit
b775becc68
|
|
@ -213,8 +213,9 @@ and how to reproduce it if known, your browser/OS if relevant, and a
|
||||||
if appropriate.
|
if appropriate.
|
||||||
|
|
||||||
**Reporting security issues**. Please do not report security issues
|
**Reporting security issues**. Please do not report security issues
|
||||||
publicly, including on public streams on chat.zulip.org. You can email
|
publicly, including on public streams on chat.zulip.org. You can
|
||||||
zulip-security@googlegroups.com. We create a CVE for every security issue.
|
email security@zulipchat.com. We create a CVE for every security
|
||||||
|
issue in our released software.
|
||||||
|
|
||||||
## User feedback
|
## User feedback
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -1,13 +1,12 @@
|
||||||
# Security Model
|
# Security Model
|
||||||
|
|
||||||
This section attempts to document the Zulip security model.
|
This section attempts to document the Zulip security model. It likely
|
||||||
It likely does not cover every issue; if
|
does not cover every issue; if there are details you're curious about,
|
||||||
there are details you're curious about, please feel free to ask
|
please feel free to ask questions in [#production
|
||||||
questions in [#production help](https://chat.zulip.org/#narrow/stream/31-production-help)
|
help](https://chat.zulip.org/#narrow/stream/31-production-help) on the
|
||||||
on the [Zulip community server](../contributing/chat-zulip-org.md)
|
[Zulip community server](../contributing/chat-zulip-org.md) (or if you
|
||||||
(or if you think
|
think you've found a security bug, please report it to
|
||||||
you've found a security bug, please report it to
|
security@zulipchat.com so we can do a responsible security
|
||||||
zulip-security@googlegroups.com so we can do a responsible security
|
|
||||||
announcement).
|
announcement).
|
||||||
|
|
||||||
## Secure your Zulip server like your email server
|
## Secure your Zulip server like your email server
|
||||||
|
|
@ -244,9 +243,9 @@ strength allowed is controlled by two settings in
|
||||||
## Final notes and security response
|
## Final notes and security response
|
||||||
|
|
||||||
If you find some aspect of Zulip that seems inconsistent with this
|
If you find some aspect of Zulip that seems inconsistent with this
|
||||||
security model, please report it to zulip-security@googlegroups.com so
|
security model, please report it to security@zulipchat.com so that we
|
||||||
that we can investigate and coordinate an appropriate security release
|
can investigate and coordinate an appropriate security release if
|
||||||
if needed.
|
needed.
|
||||||
|
|
||||||
Zulip security announcements will be sent to
|
Zulip security announcements will be sent to
|
||||||
zulip-announce@googlegroups.com, so you should subscribe if you are
|
zulip-announce@googlegroups.com, so you should subscribe if you are
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue