mirror of
https://github.com/QubesOS/qubes-doc.git
synced 2024-12-24 23:09:29 -05:00
Improve wording
This commit is contained in:
parent
06351f0ae0
commit
4851518719
@ -32,13 +32,15 @@ important project security pages:
|
||||
## Reporting Security Issues in Qubes OS
|
||||
|
||||
If you believe you have found a security issue affecting Qubes OS, either
|
||||
directly or indirectly (e.g. the issue affects Xen in a configuration that is
|
||||
used in Qubes OS), then we would be more than happy to hear from you! We
|
||||
promise to treat any reported issue seriously and, if the investigation
|
||||
confirms that it affects Qubes, to patch it within a reasonable time and
|
||||
release a public [Qubes Security Bulletin](/security/qsb/) that describes
|
||||
the issue, discusses the potential impact of the vulnerability, references
|
||||
applicable patches or workarounds, and credits the discoverer.
|
||||
directly or indirectly (e.g., the issue affects Xen in a configuration that is
|
||||
used in Qubes OS), then we would be more than happy to hear from you! Please
|
||||
send a [PGP-encrypted](#security-team-pgp-key) email to the [Qubes Security
|
||||
Team](#qubes-security-team). We promise to take all reported issues seriously.
|
||||
If our investigation confirms that an issue affects Qubes, we will patch it
|
||||
within a reasonable time and release a public [Qubes Security Bulletin
|
||||
(QSB)](/security/qsb/) that describes the issue, discusses the potential impact
|
||||
of the vulnerability, references applicable patches or workarounds, and credits
|
||||
the discoverer.
|
||||
|
||||
## Security Updates
|
||||
|
||||
@ -47,19 +49,20 @@ OS](/doc/how-to-update/).
|
||||
|
||||
## Qubes Security Team
|
||||
|
||||
The Qubes Security Team (QST) is the subset of the [Qubes Team](/team/) that is
|
||||
responsible for ensuring the security of Qubes OS and the Qubes OS Project. In
|
||||
particular, the QST is responsible for:
|
||||
The **Qubes Security Team (QST)** is the subset of the [Core Qubes
|
||||
Team](/team/#core) that is responsible for ensuring the security of Qubes OS
|
||||
and the Qubes OS Project. In particular, the QST is responsible for:
|
||||
|
||||
- Responding to [reported security
|
||||
issues](#reporting-security-issues-in-qubes-os)
|
||||
- Evaluating whether [XSAs](/security/xsa/) affect the security of Qubes OS
|
||||
- Writing, applying, and/or distributing security patches to fix
|
||||
vulnerabilities in Qubes OS
|
||||
- Writing, signing, and publishing [Security Bulletins](/security/qsb/)
|
||||
- Writing, signing, and publishing [Canaries](/security/canary/)
|
||||
- Writing, signing, and publishing [Qubes Security Bulletins
|
||||
(QSBs)](/security/qsb/)
|
||||
- Writing, signing, and publishing [Qubes Canaries](/security/canary/)
|
||||
- Generating, safeguarding, and using the project's [PGP
|
||||
Keys](https://keys.qubes-os.org/keys/)
|
||||
keys](https://keys.qubes-os.org/keys/)
|
||||
|
||||
As a security-oriented operating system, the QST is fundamentally important to
|
||||
Qubes, and every Qubes user implicitly trusts the members of the QST by virtue
|
||||
@ -76,8 +79,8 @@ Please use the [Security Team PGP
|
||||
Key](https://keys.qubes-os.org/keys/qubes-os-security-team-key.asc) to encrypt
|
||||
all emails sent to this address. This key is signed by the [Qubes Master
|
||||
Signing Key](https://keys.qubes-os.org/keys/qubes-master-signing-key.asc).
|
||||
Please see [Why and How to Verify Signatures](/security/verifying-signatures/)
|
||||
for information about how to verify these keys.
|
||||
Please see [Verify Signatures](/security/verifying-signatures/) for information
|
||||
about how to authenticate these keys.
|
||||
|
||||
### Members of the Security Team
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user