Add a link to the sudo security advisories archive.

author: Todd C. Miller <Todd.Miller@sudo.ws> 2023-01-19 15:20:38 -0700
committer: Todd C. Miller <Todd.Miller@sudo.ws> 2023-01-19 15:20:38 -0700
commit: 5294076e01d11a44b7107ffcec100d64b8c34959 (patch)
tree: ad7419a4642c68916ab079c0caf45347b01e94a3 /docs/SECURITY.md
parent: 5be1f8c57921039f9e1d28254004042a47ca0765 (diff)
download: sudo-5294076e01d11a44b7107ffcec100d64b8c34959.tar.gz
1 files changed, 6 insertions, 0 deletions
diff --git a/docs/SECURITY.md b/docs/SECURITY.md
index 40a586bc0..1bb2680f7 100644
--- a/docs/SECURITY.md
+++ b/docs/SECURITY.md
@@ -35,3 +35,9 @@ We prefer all communications to be in English.
 ## Disclosure Policy
 
 The Sudo Project follows the principle of [Coordinated Vulnerability Disclosure](https://vuls.cert.org/confluence/display/CVD/Executive+Summary).  Disclosure is usually coordinated using the [distros mailing list](https://oss-security.openwall.org/wiki/mailing-lists/distros).
+
+## Security Advisories
+
+The Sudo web site contains an archive of [sudo security advisories](https://www.sudo.ws/security/advisories/).
+Additionally, information about vulnerabilities in sudo is sent to the
+[oss-security mailing list](https://oss-security.openwall.org/wiki/mailing-lists/oss-security) once the information becomes public.
author	Todd C. Miller <Todd.Miller@sudo.ws>	2023-01-19 15:20:38 -0700
committer	Todd C. Miller <Todd.Miller@sudo.ws>	2023-01-19 15:20:38 -0700
commit	5294076e01d11a44b7107ffcec100d64b8c34959 (patch)
tree	ad7419a4642c68916ab079c0caf45347b01e94a3 /docs/SECURITY.md
parent	5be1f8c57921039f9e1d28254004042a47ca0765 (diff)
download	sudo-5294076e01d11a44b7107ffcec100d64b8c34959.tar.gz