Home Explore Help
Register Sign In
Apq
/
Docker-official-images
mirror of https://github.com/docker-library/official-images.git
1
0
Fork 0
Files Issues 0 Wiki
Browse Source

Update DOI security email address

We now have a Docker alias for this 🎉
Tianon Gravi 2 years ago
parent
18d0bddb5a
commit
e573c669e4
2 changed files with 2 additions and 2 deletions
Split View Show Diff Stats
  1. 1 1
      README.md
  2. 1 1
      SECURITY.md

+ 1 - 1
README.md
View File 

@@ -301,7 +301,7 @@ Official Repositories that require additional privileges should specify the mini
 
 
 For image updates which constitute a security fix, there are a few things we recommend to help ensure your update is merged, built, and released as quickly as possible:
 
 
-1.	[Send an email to `doi[email protected]`](mailto:doi-security@infosiftr.com) a few (business) days in advance to give us a heads up and a timing estimate (so we can schedule time for the incoming update appropriately).
 
+1.	[Send an email to `doi@docker.com`](mailto:doi@docker.com) a few (business) days in advance to give us a heads up and a timing estimate (so we can schedule time for the incoming update appropriately).
 
 2.	Include `[security]` in the title of your pull request (for example, `[security] Update FooBar to 1.2.5, 1.3.7, 2.0.1`).
 
 3.	Keep the pull request free of changes that are unrelated to the security fix -- we'll still be doing review of the update, but it will be expedited so this will help us help you.
 
 4.	Be active and responsive to comments on the pull request after it's opened (as usual, but even more so if the timing of the release is of importance).

+ 1 - 1
SECURITY.md
View File 

@@ -4,6 +4,6 @@ If you believe you have found a security vulnerability, please make every effort
 
 
 When the issue relates to a specific image, please make an effort to (privately) contact the maintainers of that specific image.  Some maintainers publish/maintain a `SECRUITY.md` in their GitHub repository, for example, which can be a great place to find information about how to report an issue appropriately.
 
 
-For issues related to anything maintained under [@docker-library on GitHub](https://github.com/docker-library) or associated infrastructure, please [send an email to `doi[email protected]`](mailto:[email protected]).
 
+For issues related to anything maintained under [@docker-library on GitHub](https://github.com/docker-library) or associated infrastructure, please [send an email to `doi@docker.com`](mailto:[email protected]) or [use GitHub's security advisory feature](https://github.com/docker-library/official-images/security/advisories/new).
 
 
 Image maintainers should also be aware of the ["Security Releases" section of the maintainer documentation](https://github.com/docker-library/official-images#security-releases) for pre-notifying the project maintainers of upcoming security-related releases.