1
# Reporting security bugs
3
Here are some security-related information for Libravatar.org and the
6
## Bugs in the Libravatar.org service
8
There are two ways to report security bugs in the Libravatar service:
10
1. [File a bug on the tracker](https://bugs.launchpad.net/libravatar/+filebug) with a "Private Security" visibility.
11
2. Email Francois Marier at `security@libravatar.org`
13
## Bugs in the Libravatar protocol
15
For bugs in the Libravatar federated protocol itself, please email `security@libravatar.org`.
17
## Bugs in third-party libraries
19
If you find a bug in a [third-party library](http://wiki.libravatar.org/libraries/),
20
please email its author directly, but feel free to CC `security@libravatar.org`.
24
If you email `security@libravatar.org`, we will do our best to acknowledge your
25
email within 48 hours. If you haven't heard from us, please try again or ping
26
us through [another channel](http://wiki.libravatar.org/talk_to_us/).
30
It is of course up to you whether or not you publicize the security
31
vulnerability you have discovered, but we do ask that you please give us a
32
bit of time to deploy a fix before you discuss your findings publicly.