From ee2d68b43d2dc5370af38fee72cf3d84e9e92981 Mon Sep 17 00:00:00 2001 From: pomelo-nwu Date: Tue, 24 Feb 2026 14:22:47 +0800 Subject: [PATCH] fix: update security vulnerability reporting channel - Update SECURITY.md with proper security reporting portal - Change reporting link to Alibaba Cloud security console - Add clear guidance for security vs non-security issues Fixes #1883 Co-authored-by: Qwen-Coder --- SECURITY.md | 10 +++++++--- 1 file changed, 7 insertions(+), 3 deletions(-) diff --git a/SECURITY.md b/SECURITY.md index 4e7d8ce79..d4ae9df9e 100644 --- a/SECURITY.md +++ b/SECURITY.md @@ -1,5 +1,9 @@ -# Reporting Security Issues +# Security Policy -Please report any security issue or Higress crash report to [ASRC](https://security.alibaba.com/) (Alibaba Security Response Center) where the issue will be triaged appropriately. +## Reporting a Vulnerability -Thank you for helping keep our project secure. +If you believe you have discovered a security vulnerability, please report it to us through the following portal: [Report Security Issue](https://yundun.console.aliyun.com/?p=xznew#/taskmanagement/tasks/detail/151) + +> **Note:** This channel is strictly for reporting security-related issues. Non-security vulnerabilities or general bug reports will not be addressed here. + +We sincerely appreciate your responsible disclosure and your contribution to helping us keep our project secure.