Skip to content
Permalink
Browse files
Changed security vulnerability reporting address to security@apache.o…
…rg. Added link to user uploaded templates FAQ.
  • Loading branch information
ddekany committed Mar 28, 2020
1 parent de7c93f commit ef8db46148dce4a66e35f3989a3eac6c5cfcf67c
Show file tree
Hide file tree
Showing 2 changed files with 8 additions and 9 deletions.
@@ -483,15 +483,12 @@ two freemarker.jar-s and unpredictable behavior!
<section xml:id="report-security-vulnerabilities">
<title>Report security vulnerability</title>

<para>We strongly encourage to report security vulnerabilities to our
private mailing list first, rather than disclosing them in a public
forum. The private security mailing address is: <olink
targetdoc="privateMailingList"/></para>

<para>Please note that this mailing list should only be used for
reporting undisclosed security vulnerabilities in Apache FreeMarker and
managing the process of fixing such vulnerabilities. We cannot accept
regular bug reports or other queries at this address.</para>
<para>We strongly encourage to report security vulnerabilities to <olink
targetdoc="securityMailingList"/>, rather than disclosing them publicly.
Please indicate in the subject that the mail is about FreeMarker! Also,
if this is about templates edited by untrusted users, please consider
<olink targetdoc="templateUploadingSecurityFaq">this FAQ entry</olink>
first.</para>

<para>If you want to report a bug that isn't an undisclosed security
vulnerability, please use <olink targetdoc="newBugReport">our regular
@@ -78,6 +78,7 @@ olinks: {
githubMirrorOnlineTester: "https://github.com/apache/freemarker-online-tester"
githubProject: "olink:githubMirrorFreemarker"
githubProjectOld: "https://github.com/freemarker/"
securityMailingList: "mailto:security@apache.org"
privateMailingList: "mailto:private@freemarker.apache.org"
devMailingList: "mailto:dev@freemarker.apache.org"
devMailingListSubscribe: "mailto:dev-subscribe@freemarker.apache.org"
@@ -94,6 +95,7 @@ olinks: {
asfHome: "http://www.apache.org/"
asfIncubator: "http://incubator.apache.org/"
asfLicense: "http://www.apache.org/licenses/"
templateUploadingSecurityFaq: "https://freemarker.apache.org/docs/app_faq.html#faq_template_uploading_security"

emacsPluginDownload: "https://sourceforge.net/projects/freemarker/files/editor-plugins/ftl.el/download"
kwritePluginDownload: "https://sourceforge.net/projects/freemarker/files/editor-plugins/kwriteftl.tar.gz/download"

0 comments on commit ef8db46

Please sign in to comment.