diff --git a/.github/ISSUE_TEMPLATE.md b/.github/ISSUE_TEMPLATE.md index 79c06893c9..266a6152d6 100644 --- a/.github/ISSUE_TEMPLATE.md +++ b/.github/ISSUE_TEMPLATE.md @@ -7,7 +7,7 @@ categories as some of them do not apply here. STOP!! Please ask questions about how to use something, or to understand why something isn't working as you expect it to, on Stack Overflow using the spring-boot tag. - Security Vulnerability -STOP!! Please don't raise security vulnerabilities here. Head over to https://pivotal.io/security to learn how to disclose them responsibly. +STOP!! Please don't raise security vulnerabilities here. Head over to https://spring.io/security-policy to learn how to disclose them responsibly. - Managed Dependency Upgrade You DO NOT need to raise an issue for a managed dependency version upgrade as there's a semi-automatic process for checking managed dependencies for new versions before a release. BUT pull requests for upgrades that are more involved than just a version property change are still most welcome. - With an Immediate Pull Request diff --git a/.github/PULL_REQUEST_TEMPLATE.md b/.github/PULL_REQUEST_TEMPLATE.md index f97d9f541a..936a6c2065 100644 --- a/.github/PULL_REQUEST_TEMPLATE.md +++ b/.github/PULL_REQUEST_TEMPLATE.md @@ -5,7 +5,7 @@ submitting you pull request. Security Vulnerabilities STOP! If your contribution fixes a security vulnerability, please do not submit it. -Instead, please head over to https://pivotal.io/security to learn how to disclose a +Instead, please head over to https://spring.io/security-policy to learn how to disclose a vulnerability responsibly. Dependency Upgrades diff --git a/CONTRIBUTING.adoc b/CONTRIBUTING.adoc index 1130927bf4..52cc3af331 100755 --- a/CONTRIBUTING.adoc +++ b/CONTRIBUTING.adoc @@ -22,7 +22,7 @@ Ideally, that would include a small sample project that reproduces the problem. == Reporting Security Vulnerabilities If you think you have found a security vulnerability in Spring Boot please *DO NOT* disclose it publicly until we've had a chance to fix it. -Please don't report security vulnerabilities using GitHub issues, instead head over to https://tanzu.vmware.com/security and learn how to disclose them responsibly. +Please don't report security vulnerabilities using GitHub issues, instead head over to https://spring.io/security-policy and learn how to disclose them responsibly.