A vulnerability disclosure policy (VDP), also referred to as a responsible disclosure policy, describes how an organization will handle reports of vulnerabilities submitted by ethical hackers. A VDP must thus be easily identifiable via a simple way, a security.txt notice.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Hash: SHA256

# This file provides security vulnerability reporting information for the AlmaLinux OS project.
# Please follow the criteria below to ensure your report reaches the correct team.
Preferred-Languages: en

# Use this contact for vulnerabilities that require coordinated disclosure, no matter in which part of the project they are found. 
Contact: security@almalinux.org

# Use this contact if the issue is directly related to the AlmaLinux operating system itself but does not require coordinated disclosure.
Contact: https://bugs.almalinux.org

# For any other flaws, please report them in the repository that is associated with the part of the project in question.

# Before submitting a report, please read our vulnerability disclosure policy.
# This will help you understand the process and ensure your report is handled appropriately.
Policy: https://almalinux.org/p/vulnerability-disclosure-policy/


Encryption: https://almalinux.org/files/security-pgp-key.txt
Expires: 2030-03-21T15:42:25.000Z


# Important: Do not send sensitive data or vulnerability reports publicly.
-----BEGIN PGP SIGNATURE-----

iQJLBAEBCAA1FiEEMzeTSBdPlE436uygEatxH6m0ZhIFAmg5/8wXHHNlY3VyaXR5
QGFsbWFsaW51eC5vcmcACgkQEatxH6m0ZhIG7hAAr3JUitjQQT2l4OvdX/aMzLv+
kOhzgUp0ezn1rty93YhrEFIIlQ3kGKToH+0mxDA+tkrhdviDuD35HJFqqf3us+HB
PdwS0HCSa6CsDmcT1Tg7gVDQZnTRY0KqbV3iM5GcqgDBtNPSO4d7EAb4RRWiHAd+
nj+ZYj1CEe1kcWsVIr9vF1B6xYTthW72ZKEJ6s3+k90QZGF14s4lBMLhYkcq5guW
uZSz8HxbryqAHij89FhPmS2G03EHbe3VXK+OZn7g7yKormyRYliblU7rK1zNEUdT
YtSd5v8IHB+CeLt7A0fjCS1FKYGsYkxxYMnErUuYmFq9w5RGp8anDsjV9UJPIOaA
pnRKUTdNB0kE0JV5CElWf21TSJ5ezO8wL1q5vgO9nSSZMgBeGhzDYa5rIbE+3ozw
yF5EiRv6ckz4YgGnaVUlqUc/abJRVzDxgYAAmx+ZaPO3Orm3cQhefQl5pWig1+qP
vpOjt+66GQFR8HiV4DOxv1uhBTLtKN1oCaxxodqe1TKuwAtqWkliiq7iBAW+c8E/
MgUW8g/nObhxyQwl5oF2vPW4miqh6eOvZcO2kWzGoi3o13X37bNkJ2TQ5GPOSsC3
kAFqjeYsHsGFdfVEa44dAwd8qJ93Fdosc8W2G36AO47bhWO1AEdz5/2qlurlVYHR
wRtI4DNjffL+zAvOsCY=
=R6Q5
-----END PGP SIGNATURE-----