Merge pull request #1436 from crosbymichael/security

Add security mailing list to readme and releases
2017-08-29 12:19:59 -04:00 · 2017-08-29 12:19:59 -04:00 · 7dd87c35ee
commit 7dd87c35ee
parent 6ec92ddbc9 6b6ac8e9f0
2 changed files with 7 additions and 0 deletions
--- a/README.md
+++ b/README.md
@ -192,6 +192,11 @@ For sync communication we have a community slack with a #containerd channel that

 **Slack:** https://dockr.ly/community

+### Reporting security issues
+
+__If you are reporting a security issue, please follow the responsible
+disclosure guidelines and reach out discreetly at containerd-security@googlegroups.com__.
+
 ## Copyright and license

 Copyright ©2016-2017 Docker, Inc. All rights reserved, except as follows. Code
--- a/RELEASES.md
+++ b/RELEASES.md
@ -118,6 +118,8 @@ __If you are reporting a security issue, please follow the responsible
 disclosure guidelines and reach out discreetly__. Remember that backported PRs
 must follow the versioning guidelines from this document.

+Please send security related issues to containerd-security@googlegroups.com.
+
 Any release that is "active" can accept backports. Opening a backport PR is
 fairly straightforward. The steps differ depending on whether you are pulling
 a fix from master or need to draft a new commit specific to a particular