diff options
| author | Bertrand Jacquin <bertrand@jacquin.bzh> | 2024-03-29 19:53:25 +0000 |
|---|---|---|
| committer | Bertrand Jacquin <bertrand@jacquin.bzh> | 2024-04-01 03:22:50 +0000 |
| commit | 3455cfeca5032698ea16b9971ef30bbb0fbfd0a4 (patch) | |
| tree | dfb34ae0112ddd2c5020679cadf73c1129352d5c /.github/SECURITY.md | |
| parent | CVE-2024-3094: remove .gitignore (diff) | |
| download | xz-3455cfeca5032698ea16b9971ef30bbb0fbfd0a4.tar.xz | |
CVE-2024-3094: import xz-5.6.1.tar.xzjiatan/v5.6.1/unpack
Diffstat (limited to '')
| -rw-r--r-- | .github/SECURITY.md | 29 |
1 files changed, 0 insertions, 29 deletions
diff --git a/.github/SECURITY.md b/.github/SECURITY.md deleted file mode 100644 index e9b3458a..00000000 --- a/.github/SECURITY.md +++ /dev/null @@ -1,29 +0,0 @@ -# Security Policy - -## Supported Versions - -We provide security updates to the development branch and the stable -branches. Security patches for old releases are available on the -[project website](https://xz.tukaani.org/xz-utils/). - -## Reporting a Vulnerability - -If you discover a security vulnerability in this project, please -report it privately. **Do not disclose it as a public issue.** This gives -us time to work with you to fix the issue before public exposure, reducing -the chance that the exploit will be used before a patch is released. - -You may submit a report by emailing us at -[xz@tukaani.org](mailto:xz@tukaani.org), or through -[Security Advisories](https://github.com/tukaani-project/xz/security/advisories/new). -While both options are available, we prefer email. In any case, please -provide a clear description of the vulnerability including: - -- Affected versions of XZ Utils -- Estimated severity (low, moderate, high, critical) -- Steps to recreate the vulnerability -- All relevant files (core dumps, build logs, input files, etc.) - -This project is maintained by a team of volunteers on a reasonable-effort -basis. As such, please give us 90 days to work on a fix before -public exposure. |