17e509d50SXin LI# Reporting and Fixing Security Issues 27e509d50SXin LI 37e509d50SXin LIPlease do not open GitHub issues or pull requests - this makes the problem immediately visible to everyone, including malicious actors. Security issues in this open source project can be safely reported via the Meta Bug Bounty program: 47e509d50SXin LI 57e509d50SXin LIhttps://www.facebook.com/whitehat 67e509d50SXin LI 77e509d50SXin LIMeta's security team will triage your report and determine whether or not is it eligible for a bounty under our program. 87e509d50SXin LI 97e509d50SXin LI# Receiving Vulnerability Notifications 107e509d50SXin LI 117e509d50SXin LIIn the case that a significant security vulnerability is reported to us or discovered by us---without being publicly known---we will, at our discretion, notify high-profile, high-exposure users of Zstandard ahead of our public disclosure of the issue and associated fix. 127e509d50SXin LI 137e509d50SXin LIIf you believe your project would benefit from inclusion in this list, please reach out to one of the maintainers. 147e509d50SXin LI 157e509d50SXin LI<!-- Note to maintainers: this list is kept [here](https://fburl.com/wiki/cgc1l62x). --> 16