Security Bugs
- Filing A Security Bug
- Tracking WebRTC Chromium - Security Bugs
- Tracking WebRTC Standalone - Security Bugs
- Applying Security Patches - Standalone Clients
- Security Research
Filing A Security Bug
If you have found a potential security related bug please follow the instructions here.
Tracking WebRTC Chromium - Security Bugs
Publicly visible security bugs in the Chromium issue tracker normally become visible 14 weeks after they are fixed and can be found with the following query: WebRTC Chromium Bug-Security Tracker
If you have an account with the bug tracker you can set up a saved query to immediately notify you if a new security bug is posted.
Tracking WebRTC Standalone - Security Bugs
Only a subset of the WebRTC codebase is used in Chrome. For standalone applications such as mobile applications (that depend on WebRTC native fixes) will be announced separately on discuss-webrtc.
Please be sure to subscribe to the mailing list to stay up to date.
Applying Security Patches - Standalone Clients
Note that we will generally NOT merge security fixes backwards to any branches, so if you’re using older branches it’s your responsibility to make sure the relevant security fixes get merged. We recommend staying up to date with master for this reason.