[MPlayer-DOCS] CVS: main/DOCS/xml/en bugreports.xml,1.14,1.15
Guillaume Poirier CVS
syncmail at mplayerhq.hu
Sun Apr 9 14:45:52 CEST 2006
CVS change done by Guillaume Poirier CVS
Update of /cvsroot/mplayer/main/DOCS/xml/en
In directory mail:/var2/tmp/cvs-serv7017/en
Modified Files:
bugreports.xml
Log Message:
Explain how security issues should be reported, based on a patch by Ivann, featuring Reimar's suggestions
+ email scrambling using this form: http://www.golivecentral.com/pages/txttut/scramble.shtml (I hope it will be enough not to get too much spam though this link)
Index: bugreports.xml
===================================================================
RCS file: /cvsroot/mplayer/main/DOCS/xml/en/bugreports.xml,v
retrieving revision 1.14
retrieving revision 1.15
diff -u -r1.14 -r1.15
--- bugreports.xml 9 Apr 2006 09:56:06 -0000 1.14
+++ bugreports.xml 9 Apr 2006 12:45:49 -0000 1.15
@@ -11,6 +11,20 @@
that you have to provide <emphasis role="bold">all</emphasis> of the information
we request and follow the instructions in this document closely.
</para>
+<sect1 id="bugreports_security">
+<title>Report security releated bugs</title>
+<para>
+In case you have found an exploitable bug and you would like to do the
+right thing and let us fix it before you disclose it, we would be happy
+to get your security advisory at
+<ulink url="mailto:security@mplayerhq.hu">security@mplayerhq.hu</ulink>.
+Please add [SECURITY] or [ADVISORY] in the subject.
+Be sure that your report contains complete and detailed analysis of the bug.
+Sending a fix is highly appreciated.
+Please don't delay your report to write proof-of-concept exploit, you can
+send that one with another mail.
+</para>
+</sect1>
<sect1 id="bugreports_fix">
<title>How to fix bugs</title>
<para>
More information about the MPlayer-DOCS
mailing list