Skip to content

Commit 93a9f7a

Browse files
bastelfreakbastelfreak
authored
Merge pull request #580 from binford2k/security_page
Updated security page
2 parents 20fb282 + 76a8435 commit 93a9f7a

1 file changed

Lines changed: 14 additions & 8 deletions

File tree

security/index.md

Lines changed: 14 additions & 8 deletions
Original file line numberDiff line numberDiff line change
@@ -3,23 +3,29 @@ layout: page
33
title: Security
44
---
55

6-
This page describes how to report security vulnerabilities, both external or
7-
internal. If you have any question, please reach us on #voxpupuli on [Libera](https://web.libera.chat/?#voxpupuli).
6+
This page describes how to report security vulnerabilities, both external or internal.
7+
If you have any question, please reach us on `#voxpupuli` on [Libera](https://web.libera.chat/?#voxpupuli).
88

99
* TOC
1010
{:toc}
11+
{: class="alert alert-primary callout w-33" }
1112

1213
## Reporting security vulnerabilities
1314

14-
If you want to report any security vulnerability, please contact
15-
[Julien Pivotto](mailto:[email protected]). Julien's GPG key can be
16-
downloaded [here](0C7F187769D072B93B642BB9E484250533AE92DA.pub).
15+
If you want to report any security vulnerability, please contact our
16+
[security team](mailto:[email protected]).
17+
Feel free to encrypt communications using our [gpg key](https://keys.openpgp.org/search?q=security%40voxpupuli.org).
1718

18-
Julien's GPG key fingerprint is `0C7F 1877 69D0 72B9 3B64 2BB9 E484 2505 33AE 92DA`.
19+
```
20+
$ gpg --auto-key-locate keyserver --locate-keys [email protected]
21+
```
1922

20-
Here is a list of topics where the security officer can help you:
23+
Our GPG key fingerprint is `CA4C B6EE 8852 F95F B84B  834B 48A1 C23A FF60 2E9B`.
24+
25+
Here is a list of topics where the security team can help you:
2126

2227
* Report security vulnerabilities in our projects
28+
- modules, gems, OpenVox projects, etc
2329
* Report security vulnerabilities in third party projects we use (Ruby Gems)
2430
* Report security vulnerabilities in third party projects we are related to
2531
(projects we manage with our Puppet modules)
@@ -46,7 +52,7 @@ For our contributors, here are some good practices that we highly recommend.
4652
1. Respect the [Responsible disclosure][m] model.
4753

4854
Vox Pupuli is agile enough to address security vulnerabilities quickly.
49-
Still we encourage you to get in touch with the security officer that will
55+
Still we encourage you to get in touch with the security team that will
5056
help you to elaborate a good disclosure schedule and an appropriate answer.
5157

5258
1. Follow Vox Pupuli flows and practices

0 commit comments

Comments
 (0)