-
Notifications
You must be signed in to change notification settings - Fork 709
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
1 parent
95948b3
commit fd23fe9
Showing
2 changed files
with
23 additions
and
4 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,20 @@ | ||
# Security Policy | ||
|
||
## Supported Versions | ||
|
||
The latest release of *ring* is supported. The fixes for any security issues found will be included | ||
in the next release. | ||
|
||
|
||
## Reporting a Vulnerability | ||
|
||
Please [use *ring*'s security advisory reporting tool provided by | ||
GitHub](https://github.com/briansmith/ring/security/advisories/new) to report security issues. | ||
|
||
We strive to fix security issues as quickly as possible. Across the industry, often the developers' | ||
slowness in developing and releasing a fix is the biggest delay in the process; we take pride in | ||
minimizing this delay as much as we practically can. We encourage you to also minimize the delay | ||
between when you find an issue and when you contact us. You do not need to convince us to take your | ||
report seriously. You don't need to create a PoC or a patch if that would slow down your reporting. | ||
You don't need an elaborate write-up. A short, informal note about the issue is good. We can always | ||
communicate later to fill in any details we need after that first note is shared with us. |