From e5202ead4f8489d7703d622b9361253d91c1b3e0 Mon Sep 17 00:00:00 2001 From: Hugo Date: Thu, 4 Feb 2016 14:19:59 +0200 Subject: [PATCH] How to report security vulnerabilites See https://github.com/python-pillow/Pillow/issues/1658 [CI skip] --- CONTRIBUTING.md | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md index 5ce67a080..7f61560d7 100644 --- a/CONTRIBUTING.md +++ b/CONTRIBUTING.md @@ -29,3 +29,9 @@ When reporting issues, please include code that reproduces the issue and wheneve - What did you expect to happen? - What actually happened? - What versions of Pillow and Python are you using? + +## Security vulnerabilities + +To report sensitive vulnerability information, email aclark@aclark.net. + +If your organisation/employer is a distributor of Pillow and would like advance notification of security-related bugs, please let us know your preferred contact method.