15 lines
784 B
Markdown
15 lines
784 B
Markdown
# Security Policy
|
|
|
|
## Reporting a Vulnerability
|
|
|
|
**Please do not use GitHub issues for security-sensitive communication.**
|
|
|
|
The LibreTime maintainers ask that known and suspected vulnerabilities to be privately and responsibly disclosed by:
|
|
|
|
- sending all the required detail to [security@libretime.org](security@libretime.org),
|
|
- or by filling a [security advisory on Github](https://github.com/libretime/libretime/security/advisories/new).
|
|
|
|
A LibreTime maintainer will acknowledged the report within 3 working days.
|
|
|
|
We aim to provide a security patch within 30 days, after this period the report will be disclosed to the public. The security patch will be distributed for the [maintained versions of LibreTime](https://libretime.org/docs/releases/#distributions-releases-support).
|