TPS/birzha
TPS
/
birzha
5
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Core team to handle security reports

This commit is contained in:
Sam Geo 2021-03-04 12:33:16 +11:00 committed by GitHub
parent 00f65ca725
commit def99f6902
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 5 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
SECURITY.md
View File

@ -1,11 +1,13 @@
# Security Policy
**PLEASE DON'T DISCLOSE SECURITY-RELATED ISSUES PUBLICLY, [SEE BELOW](#reporting-a-vulnerability).**
**Please do NOT disclose security-related issues in public, [see instructions below](#reporting-a-vulnerability).**
## Supported Versions
October is evergreen, no one version is singled out for security fixes because there is no way to update just one version. Builds are continually released and security fixes will always be available in the latest build.
October CMS is an evergreen product, no one version is singled out for security fixes because there is no way to update just one version. Builds are continually released and security fixes will always be available in the latest build. We encourage all users to upgrade their websites to the latest version.
In cases where there are platform versioning constraints, such as old version of Laravel or PHP, we will make a best effort to backport security fixes to these compatible versions.
## Reporting a Vulnerability
If you discover a security vulnerability within OctoberCMS, please send an email to Luke Towers at octobercms@luketowers.ca and Samuel Georges at hello@octobercms.com. All security vulnerabilities will be promptly addressed.
If you discover a security vulnerability within October CMS, please send an email the security team at hello@octobercms.com. All security vulnerabilities will be promptly addressed.