doc: use github private vunerability reporting

author: Miklós Fazekas <mfazekas@szemafor.com> 2023-02-06 08:25:51 +0100
committer: Miklós Fazekas <mfazekas@szemafor.com> 2023-02-06 08:25:51 +0100
commit: ab74b03cc168856b32744562b8982609b990e5f1 (patch)
tree: d3e79d44b47de2201ebb6ab7f6534183e3006477
parent: e749980e2dc7373367180f53184288c6c97bb644 (diff)
download: net-ssh-ab74b03cc168856b32744562b8982609b990e5f1.tar.gz
2 files changed, 5 insertions, 3 deletions
diff --git a/README.md b/README.md
index ab16913..19e53be 100644
--- a/README.md
+++ b/README.md
@@ -249,9 +249,7 @@ gem cert --add net-ssh-public_cert.pem
 
 ## Security contact information
 
-To report a security vulnerability, please use the
-[Tidelift security contact](https://tidelift.com/security).
-Tidelift will coordinate the fix and disclosure.
+See [SECURITY.md](SECURITY.md)
 
 ## CREDITS
 
diff --git a/SECURITY.md b/SECURITY.md
new file mode 100644
index 0000000..45d0b8e
--- /dev/null
+++ b/SECURITY.md
@@ -0,0 +1,4 @@
+## Security contact information
+
+To report a security vulnerability, please use the
+[GitHub private vulnerability reporting feature](https://docs.github.com/en/code-security/security-advisories/guidance-on-reporting-and-writing/privately-reporting-a-security-vulnerability).
author	Miklós Fazekas <mfazekas@szemafor.com>	2023-02-06 08:25:51 +0100
committer	Miklós Fazekas <mfazekas@szemafor.com>	2023-02-06 08:25:51 +0100
commit	ab74b03cc168856b32744562b8982609b990e5f1 (patch)
tree	d3e79d44b47de2201ebb6ab7f6534183e3006477
parent	e749980e2dc7373367180f53184288c6c97bb644 (diff)
download	net-ssh-ab74b03cc168856b32744562b8982609b990e5f1.tar.gz