mirror of
https://github.com/QubesOS/qubes-doc.git
synced 2024-10-01 01:25:40 -04:00
8a6890174d
Addresses without a slash are redirected to a version with slash, but with forced protocol http instead of https.
37 lines
1.6 KiB
Markdown
37 lines
1.6 KiB
Markdown
---
|
|
layout: doc
|
|
title: SecurityPage
|
|
permalink: /doc/SecurityPage/
|
|
redirect_from: /wiki/SecurityPage/
|
|
---
|
|
|
|
Reporting Security Issues in Qubes OS
|
|
=====================================
|
|
|
|
If you believe you have found a security issue affecting Qubes OS, either directly or indirectly (e.g. the issue affects Xen in a configuration that is used in Qubes OS), then we would be more than happy to hear from you!
|
|
|
|
We promise to treat any reported issue seriously and, if the investigation confirms it affects Qubes, to patch it within a reasonable time, and also to release a public Security Bulletin that describes the issue, discusses potential impact of the vulnerability, references applicable patches or workarounds, and also credits the discoverer.
|
|
|
|
The list of all Qubes Security Advisories published so far can be found [here](/doc/SecurityBulletins/).
|
|
|
|
Qubes Security Team
|
|
-------------------
|
|
|
|
The Qubes Security Team can be contacted via email using the following address:
|
|
|
|
{% highlight trac-wiki %}
|
|
security at qubes-os dot org
|
|
{% endhighlight %}
|
|
|
|
Qubes Security Team GPG Key
|
|
---------------------------
|
|
|
|
Please use the [this GPG key](http://keys.qubes-os.org/keys/qubes-os-security-team-key.asc) for encrypting any emails send to this address. Like all the GPG keys used by the Qubes project, this key is signed with the Qubes Master key. Please see [this page](/doc/VerifyingSignatures/) for more information on how to verify the keys.
|
|
|
|
Members of the Security Team
|
|
----------------------------
|
|
|
|
- Joanna Rutkowska \<joanna at invisiblethingslab dot com\>
|
|
- Marek Marczykowski \<marmarek at invisiblethingslab dot com\>
|
|
|