kc3-lang/libjpeg-turbo/.github/SECURITY.md

• Show log

  Commit

• Hash : 4e7ff7b9
  Author :
  Date : 2023-05-31T10:24:04
  

  SECURITY.md: Wordsmithing and clarifications
  
  - Clarify that encrypted e-mail is optional.
  - Mention the new GitHub security advisory system.
  - Clarify that vulnerabilities against new features that are not yet in
    a Stable release series need not be reported securely.
  

Download

---

Source

• .github/SECURITY.md

• # Security Policy
  
  ## Supported Versions
  
  Fixes for security vulnerabilities are applied to any applicable branch/release
  series that is in the
  [Next-Gen, Active, Maintenance, or Extended support category](https://libjpeg-turbo.org/DeveloperInfo/Versioning).
  
  ## Reporting a Vulnerability
  
  Vulnerabilities can be reported in one of the following ways:
  
  - [E-mail the project admin](https://libjpeg-turbo.org/About/Contact).  You can
    optionally encrypt the e-mail using the provided public GPG key.
  - Open a
    [GitHub draft security advisory](https://github.com/libjpeg-turbo/libjpeg-turbo/security/advisories/new).
  - [Alpha/Evolving, Beta, and Post-Beta release series](https://libjpeg-turbo.org/DeveloperInfo/Versioning)
    are not expected to be free of bugs, so vulnerabilities that affect only
    those release series (for example, vulnerabilities introduced by a new
    feature that is not present in a Stable release series) can optionally be
    reported using a
    [GitHub bug report](https://github.com/libjpeg-turbo/libjpeg-turbo/issues/new/choose).
  

Download