From e61bc7867e9e7cd1ba5a6436efdcda3319a53353 Mon Sep 17 00:00:00 2001 From: Remi Gacogne Date: Mon, 23 Sep 2019 09:46:51 +0200 Subject: [PATCH] Be more than explicit about the fact that dnsdist is also covered --- SECURITY.md | 11 +++++------ 1 file changed, 5 insertions(+), 6 deletions(-) diff --git a/SECURITY.md b/SECURITY.md index 07543dee8..adfc8023d 100644 --- a/SECURITY.md +++ b/SECURITY.md @@ -1,20 +1,19 @@ -PowerDNS Security Policy -======================== +PowerDNS and dnsdist Security Policy +==================================== If you have a security problem to report, please email us at both security@powerdns.com and ahu@ds9a.nl. -In case you want to encrypt your report using PGP, please use: -https://www.powerdns.com/powerdns-keyblock.asc +In case you want to encrypt your report using PGP, please use: https://www.powerdns.com/powerdns-keyblock.asc Please do not mail security issues to public lists, nor file a ticket, unless we do not get back to you in a timely manner. We fully credit reporters of security issues, and respond quickly, but please allow us a reasonable timeframe to coordinate a response. -We remind PowerDNS users that under the terms of the GNU General Public License, PowerDNS comes with ABSOLUTELY NO WARRANTY. +We remind PowerDNS and dnsdist users that under the terms of the GNU General Public License, PowerDNS and dnsdist come with ABSOLUTELY NO WARRANTY. This license is included in this documentation. HackerOne --------- Security issues can also be reported on [our HackerOne page](https://hackerone.com/powerdns) and might fetch a bounty. -Do note that only the PowerDNS software is in scope for the HackerOne program, not our websites or other infrastructure. +Do note that only the PowerDNS software (PowerDNS Authoritative Server, the PowerDNS Recursor and dnsdist) is in scope for the HackerOne program, not our websites or other infrastructure. Disclosure Policy ----------------- -- 2.40.0