merge upstream 2025-02-03

author: Hazelnoot <acomputerdog@gmail.com> 2025-02-03 14:31:26 -0500
committer: Hazelnoot <acomputerdog@gmail.com> 2025-02-03 14:36:09 -0500
commit: a4e86758c1c53f4e623b6e8f613d4a6e34e96156 (patch)
tree: d09bf325b7f52512a1fe2a9d35f1953d2b310309 /SECURITY.md
parent: merge: Use package manager version from package.json (!883) (diff)
parent: fix(build): corepackのバグの回避 (#15387) (diff)
download: sharkey-a4e86758c1c53f4e623b6e8f613d4a6e34e96156.tar.gz
sharkey-a4e86758c1c53f4e623b6e8f613d4a6e34e96156.tar.bz2
sharkey-a4e86758c1c53f4e623b6e8f613d4a6e34e96156.zip
1 files changed, 5 insertions, 0 deletions
diff --git a/SECURITY.md b/SECURITY.md
index 8d3d44db41..499fa2c1fa 100644
--- a/SECURITY.md
+++ b/SECURITY.md
@@ -8,6 +8,11 @@ bug report to the GitLab repository.
 
 Thanks for helping make Sharkey safe for everyone.
 
+> [!note]
+> CNA [requires](https://www.cve.org/ResourcesSupport/AllResources/CNARules#section_5-2_Description) that CVEs include a description in English for inclusion in the CVE Catalog.
+> 
+> When creating a security advisory, all content must be written in English (it is acceptable to include a non-English description along with the English one).
+
 ## When create a patch
 
 If you can also create a patch to fix the vulnerability, please create a PR on the private fork.
author	Hazelnoot <acomputerdog@gmail.com>	2025-02-03 14:31:26 -0500
committer	Hazelnoot <acomputerdog@gmail.com>	2025-02-03 14:36:09 -0500
commit	a4e86758c1c53f4e623b6e8f613d4a6e34e96156 (patch)
tree	d09bf325b7f52512a1fe2a9d35f1953d2b310309 /SECURITY.md
parent	merge: Use package manager version from package.json (!883) (diff)
parent	fix(build): corepackのバグの回避 (#15387) (diff)
download	sharkey-a4e86758c1c53f4e623b6e8f613d4a6e34e96156.tar.gz sharkey-a4e86758c1c53f4e623b6e8f613d4a6e34e96156.tar.bz2 sharkey-a4e86758c1c53f4e623b6e8f613d4a6e34e96156.zip