| W. Felix Handte | b6805c5 | 2024-02-13 11:50:55 -0500 | [diff] [blame] | 1 | # Reporting and Fixing Security Issues |
| 2 | |
| 3 | Please do not open GitHub issues or pull requests - this makes the problem immediately visible to everyone, including malicious actors. Security issues in this open source project can be safely reported via the Meta Bug Bounty program: |
| 4 | |
| 5 | https://www.facebook.com/whitehat |
| 6 | |
| 7 | Meta's security team will triage your report and determine whether or not is it eligible for a bounty under our program. |
| W. Felix Handte | e13d099 | 2024-02-13 11:51:37 -0500 | [diff] [blame] | 8 | |
| 9 | # Receiving Vulnerability Notifications |
| 10 | |
| 11 | In the case that a significant security vulnerability is reported to us or discovered by us---without being publicly known---we will, at our discretion, notify high-profile, high-exposure users of Zstandard ahead of our public disclosure of the issue and associated fix. |
| 12 | |
| 13 | If you believe your project would benefit from inclusion in this list, please reach out to one of the maintainers. |
| 14 | |
| 15 | <!-- Note to maintainers: this list is kept [here](https://fburl.com/wiki/cgc1l62x). --> |