Skip to content

Security: ucphhpc/docker-migrid

Security

SECURITY.md

Security Policy

Supported Versions

This repository is a collaborative effort to make deployment of migrid as smooth as possible, and we maintainers release versions we deem suitable for production use with a Stable-DATE marker. We do not set or guarantee specific lifetimes for such releases but do our best to support the use and provide any security updates needed. We will announce any critical issues and specifically mark any known affected releases as such in the table below.

Version Supported
Stable-20240403
Stable-20240201
Stable-20231025
Stable-20231016
any other versions

Reporting a Vulnerability

We run this project as a non-profit collaboration and do NOT offer bug bounties, but appreciate reports about potential/confirmed security issues.

Please report any such findings in the Discussions section and/or open Pull requests to help fix such issues. In case the implications of the issues are considered to critical to disclose you may contact us directly as described elsewhere. We will strive to announce the resulting analysis and updates in releases here.

Any security issues in the underlying migrid software should be reported as described in the corresponding ucphhpc/migrid-sync repo.

Any security reports about specific deployments of docker-migrid on sites at UCPH or AU should go to the relevant site owners. E.g. as described in the security section on https://erda.ku.dk and https://sif.ku.dk .

There aren’t any published security advisories