From e48c0bcc37e57782ae1a02a0ec8dbfc9629d524a Mon Sep 17 00:00:00 2001 From: Glenn Renfro Date: Fri, 3 Nov 2023 08:35:23 -0400 Subject: [PATCH] Establish the proper location to report security issues --- SECURITY.md | 5 +++++ 1 file changed, 5 insertions(+) create mode 100644 SECURITY.md diff --git a/SECURITY.md b/SECURITY.md new file mode 100644 index 000000000..8a9410d24 --- /dev/null +++ b/SECURITY.md @@ -0,0 +1,5 @@ +# Security Policy +## Reporting a Vulnerability + +If you think you have found a security vulnerability, please **DO NOT** disclose it publicly until we’ve had a chance to fix it. +Please don’t report security vulnerabilities using GitHub issues, instead head over to https://spring.io/security-policy and learn how to disclose them responsibly.