Merge branch 'develop' into cli-wrapper

author: Chocobozzz <me@florianbigard.com> 2018-09-20 16:24:31 +0200
committer: GitHub <noreply@github.com> 2018-09-20 16:24:31 +0200
commit: 0491173a61aed66205c017e0d7e0503ea316c144 (patch)
tree: ce6621597505f9518cfdf0981977d097c63f9fad /SECURITY.md
parent: 8704acf49efc770d73bf07c10468ed8c74d28a83 (diff)
parent: 6247b2057b792cea155a1abd9788c363ae7d2cc2 (diff)
download: PeerTube-0491173a61aed66205c017e0d7e0503ea316c144.tar.gz
PeerTube-0491173a61aed66205c017e0d7e0503ea316c144.tar.zst
PeerTube-0491173a61aed66205c017e0d7e0503ea316c144.zip
1 files changed, 1 insertions, 1 deletions
diff --git a/SECURITY.md b/SECURITY.md
index 37ed19246..5c668a2a3 100644
--- a/SECURITY.md
+++ b/SECURITY.md
@@ -30,7 +30,7 @@ To encourage vulnerability research and to avoid any confusion between good-fait
 - Avoid violating the privacy of others, disrupting our systems, destroying data, and/or harming user experience.
 - Use only the Official Channels to discuss vulnerability information with us.
 - Keep the details of any discovered vulnerabilities confidential until they are fixed, according to the Disclosure Terms in this policy.
- Perform testing only on in-scope systems, and respect systems and activities which are out-of-scope.
+- Perform testing only on in-scope systems, and respect systems and activities which are out-of-scope. Systems currently considered in-scope are the official demonstration/test servers provided by the PeerTube development team.
 - If a vulnerability provides unintended access to data: Limit the amount of data you access to the minimum required for effectively demonstrating a Proof of Concept; and cease testing and submit a report immediately if you encounter any user data during testing, such as Personally Identifiable Information (PII), Personal Healthcare Information (PHI), credit card data, or proprietary information.
 - You should only interact with test accounts you own or with explicit permission from the account holder.
 - Do not engage in extortion.
author	Chocobozzz <me@florianbigard.com>	2018-09-20 16:24:31 +0200
committer	GitHub <noreply@github.com>	2018-09-20 16:24:31 +0200
commit	0491173a61aed66205c017e0d7e0503ea316c144 (patch)
tree	ce6621597505f9518cfdf0981977d097c63f9fad /SECURITY.md
parent	8704acf49efc770d73bf07c10468ed8c74d28a83 (diff)
parent	6247b2057b792cea155a1abd9788c363ae7d2cc2 (diff)
download	PeerTube-0491173a61aed66205c017e0d7e0503ea316c144.tar.gz PeerTube-0491173a61aed66205c017e0d7e0503ea316c144.tar.zst PeerTube-0491173a61aed66205c017e0d7e0503ea316c144.zip

diff --git a/SECURITY.md b/SECURITY.md index 37ed19246..5c668a2a3 100644 --- a/SECURITY.md +++ b/SECURITY.md
@@ -30,7 +30,7 @@ To encourage vulnerability research and to avoid any confusion between good-fait
30	- Avoid violating the privacy of others, disrupting our systems, destroying data, and/or harming user experience.	30	- Avoid violating the privacy of others, disrupting our systems, destroying data, and/or harming user experience.
31	- Use only the Official Channels to discuss vulnerability information with us.	31	- Use only the Official Channels to discuss vulnerability information with us.
32	- Keep the details of any discovered vulnerabilities confidential until they are fixed, according to the Disclosure Terms in this policy.	32	- Keep the details of any discovered vulnerabilities confidential until they are fixed, according to the Disclosure Terms in this policy.
33	- Perform testing only on in-scope systems, and respect systems and activities which are out-of-scope.	33	- Perform testing only on in-scope systems, and respect systems and activities which are out-of-scope. Systems currently considered in-scope are the official demonstration/test servers provided by the PeerTube development team.
34	- If a vulnerability provides unintended access to data: Limit the amount of data you access to the minimum required for effectively demonstrating a Proof of Concept; and cease testing and submit a report immediately if you encounter any user data during testing, such as Personally Identifiable Information (PII), Personal Healthcare Information (PHI), credit card data, or proprietary information.	34	- If a vulnerability provides unintended access to data: Limit the amount of data you access to the minimum required for effectively demonstrating a Proof of Concept; and cease testing and submit a report immediately if you encounter any user data during testing, such as Personally Identifiable Information (PII), Personal Healthcare Information (PHI), credit card data, or proprietary information.
35	- You should only interact with test accounts you own or with explicit permission from the account holder.	35	- You should only interact with test accounts you own or with explicit permission from the account holder.
36	- Do not engage in extortion.	36	- Do not engage in extortion.