Эхлэл Бүгдийг харах Тусламж
Нэвтрэх
mirror
/
gogs
-ын хуулбар https://github.com/gogs/gogs
1
0
Салаа 1
Файлууд Асуудлууд 0 Мэдлэгийн сан
Салаа: main
Салаанууд Тагууд
gogs
/
SECURITY.md

SECURITY.md 1.1 KB
Байнгын холболт Түүх Анхны өгөгдөл

Security policy

Supported versions

Only lastest two minor version releases are supported (>= 0.12) for accepting vulnerability reports and patching fixes.

Existing vulnerability reports are being tracked in GitHub Security Advisories.

Vulnerability lifecycle

[!important] Starting Nov 9, 2023 00:00 UTC, only security vulnerabilities reported through GitHub Security Advisories are accepted. Pre-existing vulnerability reported through https://huntr.dev/ or email (security@gogs.io) will continue to be worked through.

  1. Report a vulnerability
  2. Project maintainers review the report and either:
    • Ask clarifying questions
    • Confirm or deny the vulnerability
  3. Once the vulnerability is confirmed, the reporter may submit a patch or wait for project maintainers to patch.
    • The latter is usually significantly slower.
  4. Patch releases will be made for the supported versions.
  5. Publish the report on GitHub Security Advisories.

Thank you!