Commit 8c21beb31cfe96669791c470437312a2fa147109
Committed by
GitHub
GitHub
1 parent
1508e45c
doc: added SECURITY.md
Showing
1 changed file
with
27 additions
and
0 deletions
SECURITY.md
0 → 100644
| 1 | +# Security Policy | |
| 2 | + | |
| 3 | +This document describes how to report security issues in the oletools project. | |
| 4 | + | |
| 5 | +## Supported Versions | |
| 6 | + | |
| 7 | +The following table shows which versions of the oletools project are | |
| 8 | +currently being supported with security updates: | |
| 9 | + | |
| 10 | +| Version | Supported | | |
| 11 | +| ------- | ------------------ | | |
| 12 | +| <0.60.x | :x: | | |
| 13 | +| >=0.60.x | :white_check_mark: | | |
| 14 | + | |
| 15 | +## Reporting a Vulnerability | |
| 16 | + | |
| 17 | +If you would like to report a vulnerability affecting the oletools project, | |
| 18 | +please send a first email to decalage at laposte dot net, without giving | |
| 19 | +technical details. You will then be provided with a GPG key to send | |
| 20 | +encrypted emails. | |
| 21 | + | |
| 22 | +Alternatively you may also contact me via X/Twitter, Mastodon or BlueSky | |
| 23 | +using private messages (see https://linktr.ee/decalage). | |
| 24 | + | |
| 25 | +Please note that oletools is a non-commercial open-source project maintained | |
| 26 | +on my spare time. I will do my best to answer in due time and fix | |
| 27 | +vulnerabilities. | ... | ... |