Vulnerability reporting is here! #61
ctih1
announced in
Announcements
Replies: 0 comments
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
-
Vulnerability reporting is now here 🎊
TL;DR: New report tracking
What is it?
It's a brand new web-tracker that shows the progression of your report, so you never feel like nothing is being done.
Why?
We thought that since you help us by reporting vulnerabilities, we own it to you to make the reporting as seamless as possible.
How can I use it?
Using a form
report a vulnerability at https://frii.site/report/security , after you've filled out the form, you will get a tracking link
Using an email
Send us an email at urgent@frii.site , you will get created a case and we will send you a tracking link
Stages
Here's a quick explanation what these things actually mean.
A developer has seen your problem
We have accepted your report as genuine
The development has been done, the only thing needed now is approvals & deployment
The fix has been issued to every supported branch of frii.site. You will typically get an email for rewards in about 1-3 days.
Comments
Here's a quick explanation as to what the comments mean.
This means that the issue has been approved. The importance rating may have changed.
The development for the issue has begun.
The development of your issue has been temporarily paused. Factors to this may include but are not limited to: determining that we cannot do anything about the issue (like if the issue is in a third party library), we have gotten a more severe report which needs attention immediately, other reasons might have been specified by the developer.
Same as "development done" status
Same as "Done" status
More info can be found on our vulnerability reporting policy
Beta Was this translation helpful? Give feedback.
All reactions