commit: 7625e509508a60f5a431ed52790f9eadbcda15c3
parent: ad29a4f2cf4496aaa9463e11d94b35364e9cddae
Author: lain <lain@soykaf.club>
Date: Sun, 9 Aug 2020 11:06:54 +0000
Merge branch 'security-policy' into 'develop'
Add security policy for Pleroma backend
Closes #1848
See merge request pleroma/pleroma!2862
Diffstat:
1 file changed, 16 insertions(+), 0 deletions(-)
diff --git a/SECURITY.md b/SECURITY.md
@@ -0,0 +1,16 @@
+# Pleroma backend security policy
+
+## Supported versions
+
+Currently, Pleroma offers bugfixes and security patches only for the latest minor release.
+
+| Version | Support
+|---------| --------
+| 2.0 | Bugfixes and security patches
+
+## Reporting a vulnerability
+
+Please use confidential issues (tick the "This issue is confidential and should only be visible to team members with at least Reporter access." box when submitting) at our [bugtracker](https://git.pleroma.social/pleroma/pleroma/-/issues/new) for reporting vulnerabilities.
+## Announcements
+
+New releases are announced at [pleroma.social](https://pleroma.social/announcements/). All security releases are tagged with ["Security"](https://pleroma.social/announcements/tags/security/). You can be notified of them by subscribing to an Atom feed at <https://pleroma.social/announcements/tags/security/feed.xml>.