-<p>This document has come in effect in December 2011 and will be reviewed periodically (see revision sections). The last modification was made in February/March 2015.</p>
+<p>This document has come in effect in December 2011 and will be reviewed periodically: see <a href="#changelog">Change History</a> for a detailed list of changes.</p>
<h2 id="introduction">Introduction</h2>
<p>Computer systems have bugs. Currently recognised best practice for bugs with security implications is to notify significant downstream users in private; leave a reasonable interval for downstreams to respond and prepare updated software packages; then make public disclosure.</p>
<p>We want to encourage people to report bugs they find to us. Therefore we will treat with respect the requests of discoverers, or other vendors, who report problems to us.</p>
<li>Zynstra</li>
<li>ZZ Servers</li>
</ul>
-<h2 id="change-history">Change History</h2>
+<h2 id="changelog">Change History</h2>
<div class="box-note">
<ul>
<li><strong>v3.19 May 9th 2018:</strong> Remove Google from the predisclosure list</li>
This document has come in effect in December 2011 and will be reviewed
-periodically (see revision sections). The last modification was made in
-February/March 2015.
+periodically: see [Change History](#changelog) for a detailed list of changes.
Introduction
------------
- Zynstra
- ZZ Servers
-Change History
+Change History {#changelog}
--------------
<div class="box-note">
projects / people / larsk / governance.git / commitdiff