spring-projects/spring-framework
spring-projects/spring-framework
1
0
Fork 0
mirror of https://github.com/spring-projects/spring-framework.git synced 2024-10-23 07:05:25 +08:00
Code Issues Projects Releases Wiki Activity

Update SECURITY.md

Browse Source
This commit is contained in:
Rossen Stoyanchev 2024-10-15 17:13:29 +01:00 committed by GitHub
parent 88b684c981
commit 7ea43bb252
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
1 changed files with 3 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
SECURITY.md
View File

@ -1,11 +1,10 @@
# Reporting a Vulnerability
You can create a [draft security advisory here](https://github.com/spring-projects/security-advisories/security/advisories/new).
Security issues must be disclosed and discussed in private. Please check out our [security policy](https://spring.io/security-policy).
Note that we can only accept vulnerabilities against [supported versions](https://spring.io/projects/spring-framework#support).
Please, [open a draft security advisory](https://github.com/spring-projects/security-advisories/security/advisories/new) if you need to disclose and discuss a security issue in private with the Spring Framework team. Note that we only accept reports against [supported versions](https://spring.io/projects/spring-framework#support).
For more details, check out our [security policy](https://spring.io/security-policy).
## JAR signing
Spring Framework JARs released on Maven Central are signed.
You'll find more information about the key here: https://spring.io/GPG-KEY-spring.txt