This document outlines security procedures and general policies for the Eclipse Adoptium project.
The Eclipse Adoptium community take all security vulnerabilities seriously. Thank you for improving the security of our projects. We appreciate your efforts and responsible disclosure and will make every effort to acknowledge your contributions.
Report security vulnerability by emailing the Eclipse Security Team at [email protected].
Disclosure is initially limited to the reporter and all Eclipse Committers, but is expanded to include other individuals, and the general public. The timing and manner of disclosure is governed by the Eclipse Security Policy.
Publicly disclosed issues are listed on the Disclosed Vulnerabilities Page.
If you have suggestions on how this process could be improved please submit a pull request.