Docs: Update link to GitHub Security Advisories

BornToBeRoot · Jan 3, 2024 · fa215d1 · fa215d1
1 parent dd39bbb
commit fa215d1
Show file tree

Hide file tree

Showing 2 changed files with 2 additions and 2 deletions.
diff --git a/SECURITY.md b/SECURITY.md
@@ -6,6 +6,6 @@ Only the current version (main) is supported.
 
 ## Reporting a Vulnerability
 
-Contact me via GitHub Issues or via Twitter. We will find a secure way to exchange the details :)
+Contact me via [GitHub Security Advisory](https://github.com/BornToBeRoot/NETworkManager/security/advisories/new) with a detailed description of the vulnerability and how to reproduce it.
 
 I will try to fix it and publish an update ASAP!
diff --git a/Website/docs/faq/profile-file-encryption.md b/Website/docs/faq/profile-file-encryption.md
@@ -2,7 +2,7 @@
 
 ### How does the profile encryption work?
 
-Profile files are encrypted on disk using [AES](https://docs.microsoft.com/de-de/dotnet/api/system.security.cryptography.aes) with a key size of 256 bits and a block size of 128 bits in CBC mode. The encryption key is derived from a master password using [Rfc2898DeriveBytes](https://docs.microsoft.com/en-US/dotnet/api/system.security.cryptography.rfc2898derivebytes) (PBKDF2) with 1,000,000 iterations. At runtime, passwords are stored as [SecureString](https://docs.microsoft.com/en-US/dotnet/api/system.security.securestring) once the profile file is loaded. For some functions, the password must be converted to a normal string and may remains unencrypted in memory until the garbage collector cleans them up. If you found a security issue, you can report it [here](https://github.com/BornToBeRoot/NETworkManager/security/policy)!
+Profile files are encrypted on disk using [AES](https://docs.microsoft.com/de-de/dotnet/api/system.security.cryptography.aes) with a key size of 256 bits and a block size of 128 bits in CBC mode. The encryption key is derived from a master password using [Rfc2898DeriveBytes](https://docs.microsoft.com/en-US/dotnet/api/system.security.cryptography.rfc2898derivebytes) (PBKDF2) with 1,000,000 iterations. At runtime, passwords are stored as [SecureString](https://docs.microsoft.com/en-US/dotnet/api/system.security.securestring) once the profile file is loaded. For some functions, the password must be converted to a normal string and may remains unencrypted in memory until the garbage collector cleans them up. If you found a security issue, you can report it [here](https://github.com/BornToBeRoot/NETworkManager/security/advisories/new)!
 
 ### How to enable profile file encryption?