From 0e0005172ee1dd1de80d3d8a916b32d344688993 Mon Sep 17 00:00:00 2001 From: Michael Manfre Date: Thu, 21 May 2020 04:30:14 -0400 Subject: [PATCH] [3.1.x] Added notes related to security pre-notification list requests. Backport of 0e893248b28e30bf562d29e6d5745ffad4b1a1eb from master --- docs/internals/security.txt | 11 +++++++++++ 1 file changed, 11 insertions(+) diff --git a/docs/internals/security.txt b/docs/internals/security.txt index 438325b3303..511c83b537c 100644 --- a/docs/internals/security.txt +++ b/docs/internals/security.txt @@ -191,6 +191,11 @@ groups: demonstrated ability to responsibly receive, keep confidential and act on these notifications. +.. admonition:: Security audit and scanning entities + + As a policy, we do not add these types of entities to the notification + list. + Requesting notifications ======================== @@ -235,3 +240,9 @@ Please also bear in mind that for any individual or organization, receiving security notifications is a privilege granted at the sole discretion of the Django development team, and that this privilege can be revoked at any time, with or without explanation. + +.. admonition:: Provide all required information + + A failure to provide the required information in your initial contact + will count against you when making the decision on whether or not to + approve your request.