77d5114f32
Updated the security policy to include details on supported versions and reporting vulnerabilities. Signed-off-by: 0xMRTT <0xMRTT@proton.me>
1.3 KiB
Security Policy
Supported Versions
Security updates are provided for:
| Version | Supported |
|---|---|
| Latest stable release | ✅ |
| main branch | ✅ |
| Older releases | ❌ |
Reporting a Vulnerability
Please do not report security issues in public GitHub issues, GitLab issues, Codeberg issues, discussions, or chats.
Use one of the following private channels:
- GitHub Private Vulnerability Reporting (preferred):
  - Open the repository Security tab
  - Click Report a vulnerability
- If private reporting is unavailable on your platform mirror, contact the maintainers privately through the project maintainer contact listed on the main project pages.
When reporting, include:
- A clear description of the issue and impact
- Steps to reproduce (or a proof of concept)
- Affected versions/commit hashes
- Any suggested mitigation
Disclosure Process
- The maintainers will acknowledge new reports as soon as possible (target: within 7 days).
- After validation, maintainers will work on a fix and coordinate a release.
- Public disclosure should happen only after a fix is available, or after coordinated agreement with maintainers.
Scope
This policy applies to the source code and official release artifacts of Bavarder.