merge revision(s) 40574:

* doc/security.rdoc: Add note about reporting security vulns git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_2_0_0@40576 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
author: nagachika <nagachika@b2dd03c8-39d4-4d8f-98ff-823fe69b080e> 2013-05-04 15:00:17 +0000
committer: nagachika <nagachika@b2dd03c8-39d4-4d8f-98ff-823fe69b080e> 2013-05-04 15:00:17 +0000
commit: ec1f8cbb7a34d0b611dedad5741c55c6755b7966 (patch)
tree: e4f58e85b8ef3224af02ce26dbcced651a0e4629 /doc
parent: f824c6f15f3bfb0b2d7188fc2b8496ee8d69285f (diff)
1 files changed, 5 insertions, 0 deletions
diff --git a/doc/security.rdoc b/doc/security.rdoc
index 9f4bca67c5..2cf6531785 100644
--- a/doc/security.rdoc
+++ b/doc/security.rdoc
@@ -10,6 +10,11 @@ Please check the full list of publicly known CVEs and how to correctly report a
 security vulnerability, at: http://www.ruby-lang.org/en/security/
 Japanese version is here: http://www.ruby-lang.org/ja/security/
 
+Security vulnerabilities should be reported via an email to
+mailto:security@ruby-lang.org ({the PGP public
+key}[http://www.ruby-lang.org/security.asc]), which is a private mailing list.
+Reported problems will be published after fixes.
+
 == <code>$SAFE</code>
 
 Ruby provides a mechanism to restrict what operations can be performed by Ruby
author	nagachika <nagachika@b2dd03c8-39d4-4d8f-98ff-823fe69b080e>	2013-05-04 15:00:17 +0000
committer	nagachika <nagachika@b2dd03c8-39d4-4d8f-98ff-823fe69b080e>	2013-05-04 15:00:17 +0000
commit	ec1f8cbb7a34d0b611dedad5741c55c6755b7966 (patch)
tree	e4f58e85b8ef3224af02ce26dbcced651a0e4629 /doc
parent	f824c6f15f3bfb0b2d7188fc2b8496ee8d69285f (diff)