You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: SECURITY.md
+9-2Lines changed: 9 additions & 2 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -7,15 +7,22 @@
7
7
| 1.x |:white_check_mark:||
8
8
9
9
## Reporting Potential Security Issues
10
+
10
11
If you have encountered a potential security vulnerability in this project, please report it to us at <security@dotkernel.com>.
11
12
We will work with you to verify the vulnerability and patch it.
13
+
12
14
When reporting issues, please provide the following information:
15
+
13
16
- Component(s) affected
14
17
- A description indicating how to reproduce the issue
15
18
- A summary of the security vulnerability and impact
16
-
We request that you contact us via the email address above and give the project contributors a chance to resolve the vulnerability and issue a new release prior to any public exposure;
17
-
this helps protect the project's users and provides them with a chance to upgrade and/or update to protect their applications.
19
+
20
+
We request that you contact us via the email address above and give the project contributors a chance to resolve the vulnerability and issue a new release prior to any public exposure;
21
+
this helps protect the project's users and provides them with a chance to upgrade and/or update to protect their applications.
22
+
18
23
## Policy
24
+
19
25
If we verify a reported security vulnerability, our policy is:
26
+
20
27
- We will patch the current release branch, as well as the immediate prior minor release branch.
21
28
- After patching the release branches, we will immediately issue new security fix releases for each patched release branch.
0 commit comments