This document outlines security procedures and general policies for the Bukkit SLF4J project.
We take all security vulnerabilities seriously. Thank you for improving the security of our open-source software. We appreciate your efforts and responsible disclosure and will make every effort to acknowledge your contributions.
Please disclose privately any suspected security vulnerability by following the steps mentioned here. You will receive a response from us within one week at most, but most probably within a few hours or days. If the issue is confirmed, we will release a patch as soon as possible depending on complexity.