# HG changeset patch # User Christian Brabandt # Date 1698084903 -7200 # Node ID 13e4398925ea8dc62942d0f391a7841d829a8fd9 # Parent 3da00d519504c5e59bb5723dba89882e1476f986 please report security issues to the vim-security list Commit: https://github.com/vim/vim/commit/50f3ec2898a43feaa6add2bc4875754cf9224d5e Author: Christian Brabandt Date: Mon Oct 23 19:59:22 2023 +0200 please report security issues to the vim-security list Signed-off-by: Christian Brabandt diff --git a/.github/ISSUE_TEMPLATE/bug_report.yml b/.github/ISSUE_TEMPLATE/bug_report.yml --- a/.github/ISSUE_TEMPLATE/bug_report.yml +++ b/.github/ISSUE_TEMPLATE/bug_report.yml @@ -9,8 +9,10 @@ body: value: | Thanks for reporting issues of Vim! - If you want to report a security issue, instead of reporting it here - please disclose it privately to cb@256bit.org + If you want to report a security issue, instead of reporting it here publicly, + please disclose it privately via mail to vim-security@googlegroups.com. + (It's a private list read only by the maintainers, + but anybody can post, after moderation.) To make it easier for us to help you please enter detailed information below. - type: textarea diff --git a/SECURITY.md b/SECURITY.md --- a/SECURITY.md +++ b/SECURITY.md @@ -2,6 +2,9 @@ ## Reporting a vulnerability -If you want to report a security issue, please privately disclose the issue to the current maintainer cb@256bit.org +If you want to report a security issue, please privately disclose the issue to the vim-security mailing list +vim-security@googlegroups.com + +This is a private list, read only by the maintainers, but anybody can post, after moderation. **Please don't publicly disclose the issue until it has been addressed by us.**