blob: 68d96ac8ba93ad95e8f1042b98e3ac45b44970ca (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
|
# Security Policy
Please follow the [official issues page](https://www.vaughnnugent.com/resources/software/modules/noscrypt-issues)
for progress on all security related issues.
## Supported Versions
Noscrypt is in pre-release and is not yet considered completely stable,
security fixes will be issued as soon as possible and rolled into the next release.
| Version | Supported |
| ------- | ------------------ |
| > 0.1.1 | :white_check_mark: |
## Reporting a Vulnerability
Vulnerabilities should be reported by email to vnpublic[at]proton.me or by submitting a
private vulnerability report on [GitHub](https://github.com/VnUgE/noscrypt/security).
Email is preferred for the fastest response.
Security reports are greatly appreciated and will be handled with the highest priority,
as noscrypt is cryptography infrastructure software. You should hear back within 48 hours
but this can vary because I'm just a single person who also has responsibilities.
Please contact me as soon as possible if you believe you have found a security vulnerability
in noscrypt, preferably before disclosing the issue publicly. I will keep you informed about
the progress of the fix and disclosure.
## Notices
I will attempt to update the [changelog](CHANGELOG.md) with security fixes as they are completed
and close issues as they are resolved. If you have any questions or concerns about the security
of noscrypt, please contact me at the email address above.
|
