f535537f |
1 | # Reporting and Fixing Security Issues |
2 | |
3 | Please do not open GitHub issues or pull requests - this makes the problem immediately visible to everyone, including malicious actors. Security issues in this open source project can be safely reported via the Meta Bug Bounty program: |
4 | |
5 | https://www.facebook.com/whitehat |
6 | |
7 | Meta's security team will triage your report and determine whether or not is it eligible for a bounty under our program. |
8 | |
9 | # Receiving Vulnerability Notifications |
10 | |
11 | In the case that a significant security vulnerability is reported to us or discovered by us---without being publicly known---we will, at our discretion, notify high-profile, high-exposure users of Zstandard ahead of our public disclosure of the issue and associated fix. |
12 | |
13 | If you believe your project would benefit from inclusion in this list, please reach out to one of the maintainers. |
14 | |
15 | <!-- Note to maintainers: this list is kept [here](https://fburl.com/wiki/cgc1l62x). --> |