From 5f178c364c3b5c6fe87099b7624d5c76995ff8e6 Mon Sep 17 00:00:00 2001 From: Lasse Collin Date: Wed, 22 May 2024 14:08:33 +0300 Subject: [PATCH] Delete SECURITY.md from v5.6 It's too easily out of date in the stable branches. It's not included in the release packages anyway. --- .github/SECURITY.md | 29 ----------------------------- 1 file changed, 29 deletions(-) delete mode 100644 .github/SECURITY.md diff --git a/.github/SECURITY.md b/.github/SECURITY.md deleted file mode 100644 index e9b3458a..00000000 --- a/.github/SECURITY.md +++ /dev/null @@ -1,29 +0,0 @@ -# Security Policy - -## Supported Versions - -We provide security updates to the development branch and the stable -branches. Security patches for old releases are available on the -[project website](https://xz.tukaani.org/xz-utils/). - -## Reporting a Vulnerability - -If you discover a security vulnerability in this project, please -report it privately. **Do not disclose it as a public issue.** This gives -us time to work with you to fix the issue before public exposure, reducing -the chance that the exploit will be used before a patch is released. - -You may submit a report by emailing us at -[xz@tukaani.org](mailto:xz@tukaani.org), or through -[Security Advisories](https://github.com/tukaani-project/xz/security/advisories/new). -While both options are available, we prefer email. In any case, please -provide a clear description of the vulnerability including: - -- Affected versions of XZ Utils -- Estimated severity (low, moderate, high, critical) -- Steps to recreate the vulnerability -- All relevant files (core dumps, build logs, input files, etc.) - -This project is maintained by a team of volunteers on a reasonable-effort -basis. As such, please give us 90 days to work on a fix before -public exposure.