We at The Linux Foundation LF work to develop secure software in our foundations and projects and we also work to secure the infrastructure we use. But were all human and mistakes can happen.
So if you discover a security vulnerability in something we do please tell us.
If you find a security vulnerability in the software developed by one of our foundations or projects please report the vulnerability directly to that foundation or project. For example Linux kernel security vulnerabilities should be reported to ltsecuritykernel.orggt as described in security bugs. If the foundationproject doesnt state how to report vulnerabilities please ask them to do so. In many cases one way to report vulnerabilities is to send an email to ltsecurityDOMAINgt.
If you find a security vulnerability in the Linux Foundations infrastructure as a whole please report it to ltsecuritylinuxfoundation.orggt as noted on our contact page.