Merge pull request #1712 from python-pillow/reporting_security_vulnerabilities

How to report security vulnerabilites
2024-09-21 11:28:58 +03:00 · 2016-02-04 07:25:22 -05:00 · 2016-02-04 07:25:22 -05:00 · bdd86b72ae
commit bdd86b72ae
parent c729a8adc6 e5202ead4f
1 changed files with 6 additions and 0 deletions
--- a/CONTRIBUTING.md
+++ b/CONTRIBUTING.md
@ -29,3 +29,9 @@ When reporting issues, please include code that reproduces the issue and wheneve
 - What did you expect to happen?
 - What actually happened?
 - What versions of Pillow and Python are you using?
+
+## Security vulnerabilities
+
+To report sensitive vulnerability information, email aclark@aclark.net.
+
+If your organisation/employer is a distributor of Pillow and would like advance notification of security-related bugs, please let us know your preferred contact method.