Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Backport to release/v1.7 #2368

Merged
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
30 changes: 30 additions & 0 deletions SECURITY.md
Original file line number Diff line number Diff line change
@@ -0,0 +1,30 @@
# Security Policy

## Supported Versions

We currently offer security updates for the following Vald versions:

| Version | Supported |
| ------- | ------------------ |
| v1.7.x | :white_check_mark: |
| v1.6.x | :white_check_mark: |
| < v1.6 | :x: |

## Reporting a Vulnerability

At Vald, we prioritize software security. If you discover a security vulnerability, please report it to vald@vdaas.org.

When reporting a vulnerability, please provide:

- A clear and concise description of the vulnerability.
- Steps to reproduce the issue.
- Any relevant versions or configurations to aid in diagnosing the problem.
- Any potential solutions or mitigations you may know of.

We will assess your report promptly and respond as soon as possible. Once we reply, we will keep you informed about the fix progress and a comprehensive announcement. We value your responsible disclosure and will recognize your contributions.

## Security Update Policy

Our goal is to address all reported security issues promptly. Upon confirming a security concern, we will promptly release patch updates for the two most recent Vald minor versions. We advise all users to apply security updates as soon as they become available.

Thank you for contributing to the safety of Vald and its users.
Loading