Security Team Mailing Aliases

All security vulnerabilities may be reported to security@lists.trustedfirmware.org. They will be forwarded to the appropriate project security teams(s). Alternatively, there are project specific aliases that may be used directly:

• OP-TEE : op-tee-security@lists.trustedfirmware.org

• Trusted-Firmware-A : tf-a-security@lists.trustedfirmware.org

• Trusted-Firmware-M : tf-m-security@lists.trustedfirmware.org

• MCUboot : mcuboot-security@lists.trustedfirmware.org

• Mbed TLS : mbed-tls-security@lists.trustedfirmware.org

If you choose to encrypt your report, the same PGP key may be used for any of these aliases.