From 5e957cdc1653dbdc15d48ef316917d80778da4e8 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Marc=20Cornell=C3=A0?= Date: Wed, 24 Jul 2024 19:47:18 +0200 Subject: [PATCH] chore: clarify order of preference for reporting vulnerabilities --- SECURITY.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/SECURITY.md b/SECURITY.md index ae7458ee2..f8235840f 100644 --- a/SECURITY.md +++ b/SECURITY.md @@ -17,7 +17,7 @@ In the near future we will introduce versioning, so expect this section to chang **Do not submit an issue or pull request**: this might reveal the vulnerability. -Instead, you should email the maintainers directly at: [**security@ohmyz.sh**](mailto:security@ohmyz.sh), -or using the link to [privately report a vulnerability with GitHub](https://github.com/ohmyzsh/ohmyzsh/security/advisories/new). +Instead, you should use the form to [privately report a vulnerability to us via GitHub](https://github.com/ohmyzsh/ohmyzsh/security/advisories/new) +or email the maintainers directly at: [**security@ohmyz.sh**](mailto:security@ohmyz.sh). We will deal with the vulnerability privately and submit a patch as soon as possible.