diff --git a/SecurityPage.md b/SecurityPage.md new file mode 100644 index 00000000..74ee3daf --- /dev/null +++ b/SecurityPage.md @@ -0,0 +1,35 @@ +--- +layout: wiki +title: SecurityPage +permalink: /wiki/SecurityPage/ +--- + +Reporting Security Issues in Qubes OS +===================================== + +If you believe you have found a security issue affecting Qubes OS, either directly or indirectly (e.g. the issue affects Xen in a configuration that is used in Qubes OS), then we would be more than happy to hear from you! + +We promise to treat any reported issue seriously and, if the investigation confirms it affects Qubes, to patch it within a reasonable time, and also to release a public Security Bulletin that describes the issue, discusses potential impact of the vulnerability, references applicable patches or workarounds, and also credits the discoverer. + +The list of all Qubes Security Advisories published so far can be found [here](/wiki/SecurityBulletins). + +Qubes Security Team +------------------- + +The Qubes Security Team can be contacted via email using the following address: + +``` {.wiki} +security at qubes-os dot org +``` + +Qubes Security Team GPG Key +--------------------------- + +Please use the [​this GPG key](http://keys.qubes-os.org/keys/qubes-os-security-team-key.asc) for encrypting any emails send to this address. Like all the GPG keys used by the Qubes project, this key is signed with the Qubes Master key. Please see [this page](/wiki/VerifyingSignatures) for more information on how to verify the keys. + +Member of the Security Team +--------------------------- + +- Joanna Rutkowska \ +- Marek Marczykowski \ +