Update security policy links

pull/25129/head
Andy Wilkinson 4 years ago
parent 434b8a7b9d
commit eb07867738

@ -7,7 +7,7 @@ categories as some of them do not apply here.
STOP!! Please ask questions about how to use something, or to understand why something isn't
working as you expect it to, on Stack Overflow using the spring-boot tag.
- Security Vulnerability
STOP!! Please don't raise security vulnerabilities here. Head over to https://pivotal.io/security to learn how to disclose them responsibly.
STOP!! Please don't raise security vulnerabilities here. Head over to https://spring.io/security-policy to learn how to disclose them responsibly.
- Managed Dependency Upgrade
You DO NOT need to raise an issue for a managed dependency version upgrade as there's a semi-automatic process for checking managed dependencies for new versions before a release. BUT pull requests for upgrades that are more involved than just a version property change are still most welcome.
- With an Immediate Pull Request

@ -5,7 +5,7 @@ submitting you pull request.
Security Vulnerabilities
STOP! If your contribution fixes a security vulnerability, please do not submit it.
Instead, please head over to https://pivotal.io/security to learn how to disclose a
Instead, please head over to https://spring.io/security-policy to learn how to disclose a
vulnerability responsibly.
Dependency Upgrades

@ -22,7 +22,7 @@ Ideally, that would include a small sample project that reproduces the problem.
== Reporting Security Vulnerabilities
If you think you have found a security vulnerability in Spring Boot please *DO NOT* disclose it publicly until we've had a chance to fix it.
Please don't report security vulnerabilities using GitHub issues, instead head over to https://tanzu.vmware.com/security and learn how to disclose them responsibly.
Please don't report security vulnerabilities using GitHub issues, instead head over to https://spring.io/security-policy and learn how to disclose them responsibly.

Loading…
Cancel
Save