From 378c236532f817cdd576c0a1cd7042baf42a0a1b Mon Sep 17 00:00:00 2001 From: anonimal Date: Fri, 29 Jun 2018 06:20:38 +0000 Subject: [PATCH 1/2] VRP: reiterate that code impl includes master branch --- VULNERABILITY_RESPONSE_PROCESS.md | 1 + 1 file changed, 1 insertion(+) diff --git a/VULNERABILITY_RESPONSE_PROCESS.md b/VULNERABILITY_RESPONSE_PROCESS.md index f339413..82fd58c 100644 --- a/VULNERABILITY_RESPONSE_PROCESS.md +++ b/VULNERABILITY_RESPONSE_PROCESS.md @@ -4,6 +4,7 @@ 1. This Vulnerability Response Process and subsequent bounty reward apply to the following: - Code implementation as seen in the Monero Project GitHub repositories + * This includes code in all branches; including the master branch and any release branch - Written research from the Monero Research Lab which dictates said code implementation 2. Researchers/Hackers: while you research/hack, we ask that you please refrain from committing the following: From dc2b463b78ba1cdd5ef23f92583002cea47fc65a Mon Sep 17 00:00:00 2001 From: anonimal Date: Fri, 29 Jun 2018 06:21:13 +0000 Subject: [PATCH 2/2] VRP: apply preamble to kovri beta As agreed to on IRC. --- VULNERABILITY_RESPONSE_PROCESS.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/VULNERABILITY_RESPONSE_PROCESS.md b/VULNERABILITY_RESPONSE_PROCESS.md index 82fd58c..d32f2f1 100644 --- a/VULNERABILITY_RESPONSE_PROCESS.md +++ b/VULNERABILITY_RESPONSE_PROCESS.md @@ -26,7 +26,7 @@ ## Preamble (Kovri) -1. While Kovri is in a pre-Alpha release state, do not use HackerOne for disclosure. All Kovri issues MUST be directed to either [GitHub](https://github.com/monero-project/kovri) or Email +1. While Kovri is in a pre-Beta release state, do not use HackerOne for disclosure. All Kovri issues MUST be directed to either [GitHub](https://github.com/monero-project/kovri) or Email 2. Bounty will not be available for Kovri until **Kovri Beta** is released ## I. Points of contact for security issues