From ca14a1e8d03f155dc75446391ff29e9ed35a842e Mon Sep 17 00:00:00 2001 From: the-djmaze <> Date: Thu, 3 Mar 2022 22:51:16 +0100 Subject: [PATCH] Upload SECURITY.md --- SECURITY.md | 41 +++++++++++++++++++++++++++++++++++++++++ 1 file changed, 41 insertions(+) create mode 100644 SECURITY.md diff --git a/SECURITY.md b/SECURITY.md new file mode 100644 index 000000000..aa379ae94 --- /dev/null +++ b/SECURITY.md @@ -0,0 +1,41 @@ +# Security Policy + +## Supported Versions + +Currently due to the fast development only the latest version receives security updates. + +| Version | Supported | +| -------- | --------- | +| 2.13.x | ✔ | +| < 2.13.0 | ❌ | + +## Reporting a Vulnerability + +Please report security issues or vulnerabilities as an encrypted email to *security[at]snappymail.eu*. +Your report should be detailed enough with clear steps to reproduce and classify the found vulnerability. + +You can find the PGP public key here and on the major public keyservers like [pgp.key-server.io](https://pgp.key-server.io). +``` +-----BEGIN PGP PUBLIC KEY BLOCK----- + +mDMEYiE2QRYJKwYBBAHaRw8BAQdAqMrQUm6DddWcQNo0VEjNIu3Q6CfP3nokVv2Y +rNQ1avq0LFNuYXBweU1haWwgU2VjdXJpdHkgPHNlY3VyaXR5QHNuYXBweW1haWwu +ZXU+iJQEExYKADwWIQREXSZRJOYHJnHmTQcz+Gin416CdwUCYiE2QQIbAwULCQgH +AgMiAgEGFQoJCAsCBBYCAwECHgcCF4AACgkQM/hop+NegnfSGgD9GEHpOrvWpBGY +dYfvVd/+Lv5d+dFBcPyki9zu9zHfhwkBAL343EF6ZR0XwMlOQu9wu0hT9KBz4g55 +6D41i0PrEaoBuDgEYiE2QRIKKwYBBAGXVQEFAQEHQMMr9gcVcJ3aiup/tpl8ZXxy +aJiJRGkPyNwGI5vxHMpZAwEIB4h4BBgWCgAgFiEERF0mUSTmByZx5k0HM/hop+Ne +gncFAmIhNkECGwwACgkQM/hop+NegndVhgD/SVGSKbF4G2W024VpW2tm3zCT+ue+ +YMXQVq4SJt7UpWABAORudfJxsBqCRKtPlZMgGTJLjcOkyFJ9C2Fx7DeN0J4I +=nSOi +-----END PGP PUBLIC KEY BLOCK----- +``` + +Type: 255-bit EdDSA +Fingerprint: 445D265124E6072671E64D0733F868A7E35E8277 + +## Publishing and Credits + +I will analyze and fix the reported issue as fast as possible. +Together with the reporter I plan the disclosure of the found and fixed vulnerability. +Credits to the reporter are granted and can be included in all public communication if desired.