---
breadcrumb: Community
---
# Community

OpenSSL source is maintained by a [team of committers](committers.html).
The overall project is run by the [OpenSSL Management Committee](omc.html).
Technical decisions are made by the [OpenSSL Technical Committee](otc.html).
We operate under a set of [project bylaws](/policies/omc-bylaws.html) and
ask everyone to follow our [code of conduct](conduct.html).

Here are some of the ways you can join the community and contribute;
see the links on the right-hand side.
The "[getting started](getting-started.html)" page has some ideas.
We maintain several [mailing lists](mailinglists.html).
Anyone can join, but you must be a member of a list to post to it.
We have a [public wiki](https://wiki.openssl.org), and anyone can
request an account and start adding content.
We have a [team blog](/blog), where members of the development team
will occasionally post.

While we only distribute source, some members of the community make
[binaries](binaries.html) available.

Finally we'd also like to [thank](thanks.html) several groups for help
with the project infrastructure over time.

## <a name="securityreports">Reporting Security Bugs</a>

If you think you have found a security bug in OpenSSL, please send mail to
<openssl-security@openssl.org>. Encryption is not required, but if you want
to encrypt the mail, you can use our team's [PGP Key](/news/pgpkey.html). Or
you can send mail to one or more individual [OMC Members](/community/omc.html),
encrypted or plaintext.
We will work with you to assess and fix the flaw, as discussed in our
[Security Policy](/policies/secpolicy.html).

Please note that we do not run a Bug Bounty program, although third parties
(such as the [HackerOne Internet Bug Bounty](https://hackerone.com/ibb)) may
reward correctly reported and confirmed security issues in the OpenSSL
codebase.

All fixed security bugs are listed on our
[vulnerabilities page](/news/vulnerabilities.html).

## <a name="bugs">Reporting Bugs</a>

To report a bug or make an enhancement request, please open an issue on
GitHub, by clicking "new issue" on this page:
<https://github.com/openssl/openssl/issues>. If you also have code, you
do not need to open both an issue and a pull request.

For more information about the best way to submit patches, please see
the file CONTRIBUTING in the distribution. The short answer is
[make a pull request](https://github.com/openssl/openssl/pulls).