From c99ce284d24d289f79efdb3d081d6678f73bd363 Mon Sep 17 00:00:00 2001 From: Andreas Maier Date: Thu, 1 Jun 2023 07:15:26 +0200 Subject: [PATCH] Create SECURITY.md --- SECURITY.md | 21 +++++++++++++++++++++ 1 file changed, 21 insertions(+) create mode 100644 SECURITY.md diff --git a/SECURITY.md b/SECURITY.md new file mode 100644 index 0000000..2a73115 --- /dev/null +++ b/SECURITY.md @@ -0,0 +1,21 @@ +# Security Policy + +## Supported Versions + +This project supports its released versions as follows: + +- The [latest released version on Pypi](https://pypi.org/project/nocaselist/) + gets fixes, including security fixes. +- Earlier versions are not fixed anymore. + +## Reporting a Vulnerability + +Please report vulnerabilities via the +[Security Advisories](https://github.com/pywbem/nocaselist/security/advisories) +page of this project. This ensures that they are passed on to the maintainers +privately. + +Do not report them as issues or pull requests, since that would reveal the +vulnerability before the maintainers have a chance to fix it. Note that even +with a pull request that fixes the vulnerability perfectly, it is revealed +publicly before a new version of the package can be released to Pypi.