doc: Emphasize that security issues must not be reported as normal bugs
Change-Id: I43e452c9993a8608b20ec029562982f5dcf8e6b2
Signed-off-by: Sandrine Bailleux <sandrine.bailleux@arm.com>
diff --git a/docs/process/security.rst b/docs/process/security.rst
index 0d59e72..a3b9971 100644
--- a/docs/process/security.rst
+++ b/docs/process/security.rst
@@ -20,13 +20,15 @@
Although we try to keep TF-A secure, we can only do so with the help of the
community of developers and security researchers.
-If you think you have found a security vulnerability, please **do not** report
-it in the `issue tracker`_ or on the `mailing list`_. Instead, please follow the
-`TrustedFirmware.org security incident process`_. One of the goals of this
-process is to ensure providers of products that use TF-A have a chance to
-consider the implications of the vulnerability and its remedy before it is made
-public. As such, please follow the disclosure plan outlined in the process. We
-do our best to respond and fix any issues quickly.
+.. warning::
+ If you think you have found a security vulnerability, please **do not**
+ report it in the `issue tracker`_ or on the `mailing list`_. Instead, please
+ follow the `TrustedFirmware.org security incident process`_.
+
+One of the goals of this process is to ensure providers of products that use
+TF-A have a chance to consider the implications of the vulnerability and its
+remedy before it is made public. As such, please follow the disclosure plan
+outlined in the process. We do our best to respond and fix any issues quickly.
Afterwards, we encourage you to write-up your findings about the TF-A source
code.