X-Git-Url: http://git.droids-corp.org/?a=blobdiff_plain;f=doc%2Fguides%2Fcontributing%2Fvulnerability.rst;h=b6300252ad29415f6f2bdca8d269a425fff21ea0;hb=2e3dbc80cc012f11799c7eda866e1168dadb5032;hp=da00acd4f07e1095ba461294e98365d86d159c88;hpb=3d4b2afb73f7f0988f8e66ba1b37f2a446e33868;p=dpdk.git

diff --git a/doc/guides/contributing/vulnerability.rst b/doc/guides/contributing/vulnerability.rst
index da00acd4f0..b6300252ad 100644
--- a/doc/guides/contributing/vulnerability.rst
+++ b/doc/guides/contributing/vulnerability.rst
@@ -8,7 +8,7 @@ Scope
 -----
 
 Only the main repositories (dpdk and dpdk-stable) of the core project
-are in the scope of this security process.
+are in the scope of this security process (including experimental APIs).
 If a stable branch is declared unmaintained (end of life),
 no fix will be applied.
 
@@ -182,7 +182,7 @@ When the fix is ready, the security advisory and patches are sent
 to downstream stakeholders
 (`security-prerelease@dpdk.org <mailto:security-prerelease@dpdk.org>`_),
 specifying the date and time of the end of the embargo.
-The public disclosure should happen in **less than one week**.
+The communicated public disclosure date should be **less than one week**
 
 Downstream stakeholders are expected not to deploy or disclose patches
 until the embargo is passed, otherwise they will be removed from the list.