security : disable private disclosures (#23963)

Georgi Gerganov
2026-06-01 13:14:12 +03:00
committed by GitHub
parent 48b88c3b00
commit 02a57017f6
+5 -5
@@ -12,16 +12,16 @@
## Reporting a vulnerability ## Reporting a vulnerability
> [!IMPORTANT]
> The private security disclosure program is disabled until further notice. Please submit patches with fixes directly to the repo as public PRs. Emails will be ignored.
If you have discovered a security vulnerability in this project that falls inside the [covered topics](#covered-topics), please report it privately. **Do not disclose it as a public issue.** This gives us time to work with you to fix the issue before public exposure, reducing the chance that the exploit will be used before a patch is released. If you have discovered a security vulnerability in this project that falls inside the [covered topics](#covered-topics), please report it privately. **Do not disclose it as a public issue.** This gives us time to work with you to fix the issue before public exposure, reducing the chance that the exploit will be used before a patch is released.
Please disclose it as a private [security advisory](https://github.com/ggml-org/llama.cpp/security/advisories/new). Please disclose it as a private [security advisory](https://github.com/ggml-org/llama.cpp/security/advisories/new).
A team of volunteers on a reasonable-effort basis maintains this project. As such, please give us at least 90 days to work on a fix before public exposure. A team of volunteers on a reasonable-effort basis maintains this project. As such, please give us at least 90 days to work on a fix before public exposure.
> [!IMPORTANT] ### Requirements
> For collaborators: if you are interested in helping out with reviewing private security disclosures, please see: https://github.com/ggml-org/llama.cpp/discussions/18080
## Requirements
Before submitting your report, ensure you meet the following requirements: Before submitting your report, ensure you meet the following requirements:
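Review bot: The new notice at the top of "Reporting a vulnerability" contradicts the unchanged paragraphs directly below it, which still tell reporters to "report it privately", "Do not disclose it as a public issue", use the private security advisory link and allow at least 90 days before public exposure. A reader who skips the callout will follow the old process and get no response. Suggest removing those paragraphs or rewording them as suspended while the notice is in force. The notice also covers only "patches with fixes", so it should say what a reporter with a finding but no patch is expected to do.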
@@ -31,7 +31,7 @@ Before submitting your report, ensure you meet the following requirements:
Maintainers reserve the right to close the report if these requirements are not fulfilled. Maintainers reserve the right to close the report if these requirements are not fulfilled.
## Covered Topics ### Covered Topics
Only vulnerabilities that fall within these parts of the project are considered valid. For problems falling outside of this list, please report them as issues. Only vulnerabilities that fall within these parts of the project are considered valid. For problems falling outside of this list, please report them as issues.
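Review bot: The demotion of "## Covered Topics" to "### Covered Topics" here, like the "Requirements" heading in the previous hunk, is a structural change the commit subject does not mention; a line in the commit message saying both sections now nest under "Reporting a vulnerability" would help. The heading text is unchanged, so the [covered topics](#covered-topics) link should still resolve. The context sentence below the heading sends out-of-scope problems to issues but no longer matches the new notice for in-scope ones, so consider restating here that in-scope fixes now go in as public PRs.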