aboutsummaryrefslogtreecommitdiff
path: root/SECURITY.txt
AgeCommit message (Collapse)AuthorFilesLines
2024-01-09SECURITY.txt: Drop "exploitable" in reference to hardening issuesSiddhesh Poyarekar1-4/+4
The "exploitable vulnerability" may lead to a misunderstanding that missed hardening issues are considered vulnerabilities, just that they're not exploitable. This is not true, since while hardening bugs may be security-relevant, the absence of hardening does not make a program any more vulnerable to exploits than without. Drop the "exploitable" word to make it clear that missed hardening is not considered a vulnerability. Signed-off-by: Siddhesh Poyarekar <siddhesh@gotplt.org> ChangeLog: * SECURITY.txt: Drop "exploitable" in the hardening section.
2023-10-05secpol: consistent indentationJan Engelhardt1-16/+16
86% of the document have 4 spaces; adjust the remaining 14%. Signed-off-by: Jan Engelhardt <jengelh@inai.de> ChangeLog: * SECURITY.txt: Fix up indentation.
2023-10-05secpol: add grammatically missing commas / remove one excess instanceJan Engelhardt1-8/+8
Signed-off-by: Jan Engelhardt <jengelh@inai.de> ChangeLog: * SECURITY.txt: Fix up commas.
2023-10-04Add a GCC Security policySiddhesh Poyarekar1-0/+205
Define a security process and exclusions to security issues for GCC and all components it ships. Signed-off-by: Siddhesh Poyarekar <siddhesh@gotplt.org> ChangeLog: * SECURITY.txt: New file.
generated by cgit v1.1 at 2024-09-18 08:34:47 +0000