16 lines
952 B
Markdown
16 lines
952 B
Markdown
# Reporting and Fixing Security Issues
|
|
|
|
Please do not open GitHub issues or pull requests - this makes the problem immediately visible to everyone, including malicious actors. Security issues in this open source project can be safely reported via the Meta Bug Bounty program:
|
|
|
|
https://www.facebook.com/whitehat
|
|
|
|
Meta's security team will triage your report and determine whether or not is it eligible for a bounty under our program.
|
|
|
|
# Receiving Vulnerability Notifications
|
|
|
|
In the case that a significant security vulnerability is reported to us or discovered by us---without being publicly known---we will, at our discretion, notify high-profile, high-exposure users of Zstandard ahead of our public disclosure of the issue and associated fix.
|
|
|
|
If you believe your project would benefit from inclusion in this list, please reach out to one of the maintainers.
|
|
|
|
<!-- Note to maintainers: this list is kept [here](https://fburl.com/wiki/cgc1l62x). -->
|