diff --git a/security-info/security.md b/security-info/security.md index 48e05871..115b17f4 100644 --- a/security-info/security.md +++ b/security-info/security.md @@ -28,9 +28,9 @@ Qubes OS Project Security Center Reporting Security Issues in Qubes OS ------------------------------------- -If you believe you have found a security issue affecting Qubes OS, either directly or indirectly (e.g. the issue affects Xen in a configuration that is used in Qubes OS), then we would be more than happy to hear from you! +If you believe you have found a security issue affecting Qubes OS, either directly or through third party code Qubes uses, then we would be more than happy to hear from you! -We promise to treat any reported issue seriously and, if the investigation confirms it affects Qubes, to patch it within a reasonable time, and also to release a public Security Bulletin that describes the issue, discusses potential impact of the vulnerability, references applicable patches or workarounds, and also credits the discoverer. +We promise to treat any reported issue seriously and, if the investigation confirms it affects Qubes, to patch it within a reasonable time, release a public Security Bulletin that describes the issue, discuss potential impact of the vulnerability, reference applicable patches or workarounds, and credit the discoverer. The list of all Qubes Security Advisories published so far can be found [here](/security/bulletins/). @@ -45,7 +45,7 @@ security at qubes-os dot org ### Qubes Security Team GPG Key ### -Please use the [this GPG key](http://keys.qubes-os.org/keys/qubes-os-security-team-key.asc) for encrypting any emails sent to this address. Like all the GPG keys used by the Qubes project, this key is signed with the Qubes Master key. Please see [this page](/security/verifying-signatures/) for more information on how to verify the keys. +Please use [this GPG key](http://keys.qubes-os.org/keys/qubes-os-security-team-key.asc) to encrypt any emails sent to this address. Like all GPG keys used by the Qubes project, this key is signed by the Qubes Master key. Please see [this page](/security/verifying-signatures/) for more information on how to verify the keys. ### Members of the Security Team ###