forked from openemr/openemr
-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
chore: update security reporting documentation and some funding docum…
…entation (openemr#7185)
- Loading branch information
1 parent
38c301a
commit a870763
Showing
4 changed files
with
9 additions
and
15 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
|
|
@@ -6,9 +6,9 @@ about: Privately report a security vulnerability | |
|
|
||
| <!-- please view in preview mode --> | ||
|
|
||
| Send an email to [email protected] . If possible, please encrypt your email via PGP with this [public key](https://keybase.io/bradymiller/pgp_keys.asc?fingerprint=8a93ddec0e320d5eb8a7994827def05b1a8a6d4f). | ||
| Send an email to [email protected] . If possible, please encrypt your email via PGP with this [public key](https://www.open-emr.org/files/openemr-security-pgp-key.asc). | ||
|
|
||
| Thank you for the help! | ||
|
|
||
| <!-- Love openemr? Please consider supporting our collective: | ||
| 👉 https://opencollective.com/openemr/donate --> | ||
| <!-- Love openemr? Please consider supporting our project: | ||
| 👉 https://github.com/sponsors/openemr --> | ||
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -1,8 +1,2 @@ | ||
| # Reporting Security Vulnerabilities | ||
| If you discover a security vulnerability in OpenEMR, there are 2 options for reporting the vulnerability to the OpenEMR security group. | ||
|
|
||
| ## Option 1. Report via huntr | ||
| - Report via [our huntr page](https://huntr.dev/repos/openemr/openemr/). Bounty eligibility, CVE assignment, response times and past reports are all there. | ||
|
|
||
| ## Option 2. Email [email protected] | ||
| - Send an email to [email protected] . If possible, please encrypt your email via PGP with this [public key](https://www.open-emr.org/files/openemr-security-pgp-key.asc). | ||
| If you discover a security vulnerability in OpenEMR, then report the vulnerability to the OpenEMR security group email at [email protected] . If possible, please encrypt your email via PGP with this [public key](https://www.open-emr.org/files/openemr-security-pgp-key.asc). |