mirror of
https://github.com/the-djmaze/snappymail.git
synced 2024-11-14 11:44:54 +08:00
40 lines
1.7 KiB
Markdown
40 lines
1.7 KiB
Markdown
# Security Policy
|
|
|
|
## Supported Versions
|
|
|
|
Currently due to the fast development only the latest version receives security updates.
|
|
|
|
| Version | Supported |
|
|
| -------- | --------- |
|
|
| 2.13.x | ✔ |
|
|
| < 2.13.0 | ❌ |
|
|
|
|
## Reporting a Vulnerability
|
|
|
|
Please report security issues or vulnerabilities as an encrypted email to [security@snappymail.eu](mailto:security@snappymail.eu).
|
|
Your report should be detailed enough with clear steps to reproduce and classify the found vulnerability.
|
|
|
|
You can find the PGP public key below and on the major public keyservers like [pgp.key-server.io](https://pgp.key-server.io).
|
|
```
|
|
-----BEGIN PGP PUBLIC KEY BLOCK-----
|
|
Comment: Type: 255-bit EdDSA
|
|
Comment: Fingerprint: 445D265124E6072671E64D0733F868A7E35E8277
|
|
|
|
mDMEYiE2QRYJKwYBBAHaRw8BAQdAqMrQUm6DddWcQNo0VEjNIu3Q6CfP3nokVv2Y
|
|
rNQ1avq0LFNuYXBweU1haWwgU2VjdXJpdHkgPHNlY3VyaXR5QHNuYXBweW1haWwu
|
|
ZXU+iJQEExYKADwWIQREXSZRJOYHJnHmTQcz+Gin416CdwUCYiE2QQIbAwULCQgH
|
|
AgMiAgEGFQoJCAsCBBYCAwECHgcCF4AACgkQM/hop+NegnfSGgD9GEHpOrvWpBGY
|
|
dYfvVd/+Lv5d+dFBcPyki9zu9zHfhwkBAL343EF6ZR0XwMlOQu9wu0hT9KBz4g55
|
|
6D41i0PrEaoBuDgEYiE2QRIKKwYBBAGXVQEFAQEHQMMr9gcVcJ3aiup/tpl8ZXxy
|
|
aJiJRGkPyNwGI5vxHMpZAwEIB4h4BBgWCgAgFiEERF0mUSTmByZx5k0HM/hop+Ne
|
|
gncFAmIhNkECGwwACgkQM/hop+NegndVhgD/SVGSKbF4G2W024VpW2tm3zCT+ue+
|
|
YMXQVq4SJt7UpWABAORudfJxsBqCRKtPlZMgGTJLjcOkyFJ9C2Fx7DeN0J4I
|
|
=nSOi
|
|
-----END PGP PUBLIC KEY BLOCK-----
|
|
```
|
|
|
|
## Publishing and Credits
|
|
|
|
I will analyze and fix the reported issue as fast as possible.
|
|
Together with the reporter I plan the disclosure of the found and fixed vulnerability.
|
|
Credits to the reporter are granted and can be included in all public communication if desired.
|