From patchwork Mon Dec 25 05:11:49 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Mike Frysinger X-Patchwork-Id: 183122 Return-Path: Delivered-To: ouuuleilei@gmail.com Received: by 2002:a05:7301:6f82:b0:100:9c79:88ff with SMTP id tb2csp237932dyb; Sun, 24 Dec 2023 21:12:03 -0800 (PST) X-Google-Smtp-Source: AGHT+IE77tv+EdtsLZMwTWYirxCZlkdvcTNbXozTknFwT6eNwvd9F7JiAeCL0lLLqD8FbQg6Paby X-Received: by 2002:a05:620a:1455:b0:77e:fba3:a20c with SMTP id i21-20020a05620a145500b0077efba3a20cmr6302555qkl.102.1703481123670; Sun, 24 Dec 2023 21:12:03 -0800 (PST) ARC-Seal: i=2; a=rsa-sha256; t=1703481123; cv=pass; d=google.com; s=arc-20160816; b=YgrjEjxBYAz3r43SDgfIeWRufia6tqrcq9y+1xUzYN5I4j9Jm374aaVnxtAYR3LlJU q4hbDd3nbkMtIsLw0zpXrM2OKj1qLdPkvNwl8gFoklMQK9UI2UlN1t5iC4XTh7dV3hP6 kji7cBhCntv+0XqNXj4LmZMZMSHUe1CPBfz5QXRqWwigCpFDDHyVDMV+HHPozvPI+Zz0 ouwptoQhQxSkJZaDu5Fq06yEIe0pzk/xUhAqHkwjUNVRYc7QEqlwLSyZXiRXULTfmZxS QaJK4waNx2DxtKaM0/tflDZRjZoMRLjT0AriHG4M79WOIN4QiVSjEZbCkcETfoqn6wPz xHXg== ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=errors-to:list-subscribe:list-help:list-post:list-archive :list-unsubscribe:list-id:precedence:content-transfer-encoding :mime-version:message-id:date:subject:to:from:arc-filter :dmarc-filter:delivered-to; bh=iY1YIS4tEf8GXR0I7+lq+T+HgcwpJysL/IdxFx9XDc4=; fh=NLxAvL/bDfPg4AGOtxqvQlND8vazkZrNzKLY8+LAbBY=; b=pv6ne6KzPEwaO3C3/RdgBTdm02cpzWqGuQ3PEIvGwykJRZceDvoS9dDqJPYm5R3q/v MjvTCuFu/JSBsYEdVobITqbG4Ah9BR28iXLw31WXlpmPLSVx3HFjhUauJ/bDeN0Rt/N9 UjJ/QCide9NzcYAoK0uRFQKuXRRK1WyDGQGie7xnKQkVixo44X6T0U+tJlUg9OkR1abG Mx5xCEXRynoYwJiVtD5ON3eB5GriV/GulN128VTFF8l8EllAXBqhQA4gCaL9NBwsAPK+ +RZMUuQPLOCXdIterPU+hy73gdemSfeljkLpiKoneBuHdnkopxV2ELC/1Y+niP6qbwVu AkUA== ARC-Authentication-Results: i=2; mx.google.com; arc=pass (i=1); spf=pass (google.com: domain of binutils-bounces+ouuuleilei=gmail.com@sourceware.org designates 8.43.85.97 as permitted sender) smtp.mailfrom="binutils-bounces+ouuuleilei=gmail.com@sourceware.org"; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=gentoo.org Received: from server2.sourceware.org (server2.sourceware.org. [8.43.85.97]) by mx.google.com with ESMTPS id q10-20020a05620a0d8a00b0077efd5c2af0si10810130qkl.170.2023.12.24.21.12.03 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Sun, 24 Dec 2023 21:12:03 -0800 (PST) Received-SPF: pass (google.com: domain of binutils-bounces+ouuuleilei=gmail.com@sourceware.org designates 8.43.85.97 as permitted sender) client-ip=8.43.85.97; Authentication-Results: mx.google.com; arc=pass (i=1); spf=pass (google.com: domain of binutils-bounces+ouuuleilei=gmail.com@sourceware.org designates 8.43.85.97 as permitted sender) smtp.mailfrom="binutils-bounces+ouuuleilei=gmail.com@sourceware.org"; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=gentoo.org Received: from server2.sourceware.org (localhost [IPv6:::1]) by sourceware.org (Postfix) with ESMTP id 5BFCE385840E for ; Mon, 25 Dec 2023 05:12:03 +0000 (GMT) X-Original-To: binutils@sourceware.org Delivered-To: binutils@sourceware.org Received: from smtp.gentoo.org (woodpecker.gentoo.org [IPv6:2001:470:ea4a:1:5054:ff:fec7:86e4]) by sourceware.org (Postfix) with ESMTP id BD27E3858C98 for ; Mon, 25 Dec 2023 05:11:52 +0000 (GMT) DMARC-Filter: OpenDMARC Filter v1.4.2 sourceware.org BD27E3858C98 Authentication-Results: sourceware.org; dmarc=pass (p=none dis=none) header.from=gentoo.org Authentication-Results: sourceware.org; spf=pass smtp.mailfrom=gentoo.org ARC-Filter: OpenARC Filter v1.0.0 sourceware.org BD27E3858C98 Authentication-Results: server2.sourceware.org; arc=none smtp.remote-ip=2001:470:ea4a:1:5054:ff:fec7:86e4 ARC-Seal: i=1; a=rsa-sha256; d=sourceware.org; s=key; t=1703481114; cv=none; b=oiudVxYclmSxXdK6AHDq8zJFRvRzcdMYEtm8P8cbLHrDMkYvQWKG612rK5A59MHogxKbTowWugGUjsrTCukqtyqS3R3cRUt0kXp2Jb06xZ5iZ7aXD/rnGYVHUJyCXXc8gquX6OWHCmdk5F5jMEcJlydF6VKGow9LaDQDedo9f7c= ARC-Message-Signature: i=1; a=rsa-sha256; d=sourceware.org; s=key; t=1703481114; c=relaxed/simple; bh=ycQcqqYAuPW11w2fA1lx2Cl7MSPNrpACNvbmtvJymPs=; h=From:To:Subject:Date:Message-ID:MIME-Version; b=fO55E4Muo7ldiXS2E40tg3W9o/LP4Ecul3Rtg7HktFQdRdyhAaubhFtJdB4h2pSUy3U5o++RaHlKCQLGt1/mztc/+Mbrs1R0bPD9IuceR+VSB3pbnoCuOZU0Grmdb8ehwS2VSARPo9/kn7IdLsSE30rszXKU10jNeJhamzfnayM= ARC-Authentication-Results: i=1; server2.sourceware.org Received: by smtp.gentoo.org (Postfix, from userid 559) id 24B4533EB78; Mon, 25 Dec 2023 05:11:52 +0000 (UTC) From: Mike Frysinger To: binutils@sourceware.org Subject: [PATCH/committed] binutils: SECURITY: use https URI Date: Mon, 25 Dec 2023 00:11:49 -0500 Message-ID: <20231225051149.18009-1-vapier@gentoo.org> X-Mailer: git-send-email 2.43.0 MIME-Version: 1.0 X-Spam-Status: No, score=-11.2 required=5.0 tests=BAYES_00, GIT_PATCH_0, JMQ_SPF_NEUTRAL, KAM_DMARC_STATUS, SPF_HELO_PASS, SPF_PASS, TXREP, T_SCC_BODY_TEXT_LINE autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on server2.sourceware.org X-BeenThere: binutils@sourceware.org X-Mailman-Version: 2.1.30 Precedence: list List-Id: Binutils mailing list List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: binutils-bounces+ouuuleilei=gmail.com@sourceware.org X-getmail-retrieved-from-mailbox: INBOX X-GMAIL-THRID: 1786229422787587162 X-GMAIL-MSGID: 1786229422787587162 --- binutils/SECURITY.txt | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/binutils/SECURITY.txt b/binutils/SECURITY.txt index d9542342b389..f16b0c9d7099 100644 --- a/binutils/SECURITY.txt +++ b/binutils/SECURITY.txt @@ -10,7 +10,7 @@ What is a binutils security bug? bugs might occur. In the first, the programs themselves might be tricked into a direct compromise of security. In the second, the tools might introduce a vulnerability in the generated output that - was not already present in the files used as input. + was not already present in the files used as input. Other than that, all other bugs will be treated as non-security issues. This does not mean that they will be ignored, just that @@ -52,7 +52,7 @@ Reporting private security bugs with other teams as necessary. The team contacted will take care of details such as vulnerability - rating and CVE assignment (http://cve.mitre.org/about/). It is likely + rating and CVE assignment (https://cve.mitre.org/about/). It is likely that the team will ask to file a public bug because the issue is sufficiently minor and does not warrant an embargo. An embargo is not a requirement for being credited with the discovery of a security