Skip to content

Security: libre-devops/libredevops-dot-org

SECURITY.md

Security Policy

Supported Versions

Use this section to tell people about which versions of your project are currently being supported with security updates.

Version Supported
5.1.x
5.0.x
4.0.x
< 4.0

Reporting a Vulnerability

Please report suspected vulnerabilities privately by email to security@example.com. Do not open public GitHub issues for undisclosed security reports.

Include the affected version(s), reproduction steps, impact assessment, and any proposed remediation details in your report.

We will acknowledge receipt within 3 business days and provide an initial triage update within 7 business days.

If the report is accepted, we will work on a fix and coordinate disclosure with you after a patch or mitigation is available. If the report is declined, we will share the reason (for example, unsupported version, non-security issue, or not reproducible with provided details).

Please do not disclose vulnerabilities publicly until we have completed investigation and remediation coordination.

Security advisories and fixes will be published at: https://github.com/libre-devops/libredevops-dot-org/security/advisories

There aren't any published security advisories