xref: /freebsd/contrib/tzcode/SECURITY (revision 7899f917b1c0ea178f1d2be0cfb452086d079d23)
1Please report any sensitive security-related bugs via email to the
2tzdb designated coordinators, currently Paul Eggert
3<eggert@cs.ucla.edu> and Tim Parenti <tim@timtimeonline.com>.
4Put "tzdb security" at the start of your email's subject line.
5We prefer communications to be in English.
6
7You should receive a response within a week. If not, please follow up
8via email to make sure we received your original message.
9
10If we confirm the bug, we plan to notify affected third-party services
11or software that we know about, prepare an advisory, commit fixes to
12the main development branch as quickly as is practical, and finally
13publish the advisory on tz@iana.org.  As with all tzdb contributions,
14we give credit to security contributors unless they wish to remain
15anonymous.
16