mirror of
https://github.com/nextcloud/android.git
synced 2024-11-21 12:45:32 +03:00
Create SECURITY.md
This commit is contained in:
parent
830bc3703c
commit
2e98dcd11d
1 changed files with 24 additions and 0 deletions
24
SECURITY.md
Normal file
24
SECURITY.md
Normal file
|
@ -0,0 +1,24 @@
|
|||
# Security Policy
|
||||
|
||||
## Supported Versions
|
||||
|
||||
Only the latest version is supported. We release every second month a feature release (currently 3.x) and inbetween a bug fix release (3.x.y).
|
||||
|
||||
## Reporting a Vulnerability
|
||||
|
||||
Security is very important to us. If you have discovered a security issue with Nextcloud,
|
||||
please read our responsible disclosure guidelines and contact us at [hackerone.com/nextcloud](https://hackerone.com/nextcloud).
|
||||
Your report should include:
|
||||
|
||||
- Product version
|
||||
- A vulnerability description
|
||||
- Reproduction steps
|
||||
|
||||
A member of the security team will confirm the vulnerability, determine its impact, and develop a fix.
|
||||
The fix will be applied to the master branch, tested, and packaged in the next bug fix release.
|
||||
The vulnerability will be publicly announced after the release. Finally, your name will be added
|
||||
to the [hall of fame](https://hackerone.com/nextcloud/thanks) as a thank you from the entire Nextcloud community. Note our
|
||||
[threat model](https://nextcloud.com/security/threat-model) to know what is expected behavior.
|
||||
|
||||
|
||||
Please visit https://nextcloud.com/security/ for further information about security.
|
Loading…
Reference in a new issue