Add security mailing list to readme and releases

Signed-off-by: Michael Crosby <crosbymichael@gmail.com>
2017-08-28 16:33:49 -04:00 · 2017-08-28 16:33:49 -04:00 · 6b6ac8e9f0
commit 6b6ac8e9f0
parent cf09e32618
2 changed files with 7 additions and 0 deletions
--- a/README.md
+++ b/README.md
@ -192,6 +192,11 @@ For sync communication we have a community slack with a #containerd channel that

 **Slack:** https://dockr.ly/community

+### Reporting security issues
+
+__If you are reporting a security issue, please follow the responsible
+disclosure guidelines and reach out discreetly at containerd-security@googlegroups.com__.
+
 ## Copyright and license

 Copyright ©2016-2017 Docker, Inc. All rights reserved, except as follows. Code
--- a/RELEASES.md
+++ b/RELEASES.md
@ -118,6 +118,8 @@ __If you are reporting a security issue, please follow the responsible
 disclosure guidelines and reach out discreetly__. Remember that backported PRs
 must follow the versioning guidelines from this document.

+Please send security related issues to containerd-security@googlegroups.com.
+
 Any release that is "active" can accept backports. Opening a backport PR is
 fairly straightforward. The steps differ depending on whether you are pulling
 a fix from master or need to draft a new commit specific to a particular