Skip to content

Commit

Permalink
Feature Security Policy Doc: add security policy doc and update READM…
Browse files Browse the repository at this point in the history
…E file
  • Loading branch information
flohdez committed Aug 1, 2024
1 parent b8dd2ae commit a80f33d
Show file tree
Hide file tree
Showing 2 changed files with 40 additions and 0 deletions.
35 changes: 35 additions & 0 deletions .github/SECURITY.md
Original file line number Diff line number Diff line change
@@ -0,0 +1,35 @@
# Security Policy

## Supported Versions

We support fixing security issues on the following releases:

| Version | Supported | Security fixes until
|---------|--------------------| --------------------
| 14.2.1 | :white_check_mark: | 12 Months after the release (24 May 2025)
| 14.1.1 | :white_check_mark: | 12 Months after the release (08 May 2025)
| 14.0.1 | :white_check_mark: | 12 Months after the release (11 Mar 2025)
| 13.0.1 | :white_check_mark: | 12 Months after the release (11 Mar 2025)
| 12.0.0 | :white_check_mark: | 12 Months after the release (06 Nov 2024)
| 11.3.5 | :white_check_mark: | 12 Months after the release (11 Mar 2025)
| 11.2.6 | :white_check_mark: | 12 Months after the release (23 Nov 2024)
| 11.1.1 | :x: | No longer supported
| 9.3.1 | :x: | No longer supported
| 9.2.1 | :x: | No longer supported
| 8.5.2 | :x: | No longer supported

## Reporting a Vulnerability

If you’ve found a security issue in CakeDC Users plugin, please use the following procedure
instead of the normal bug reporting system. Instead of using the bug tracker please send an
email to security [at] cakedc.com.

For each report, we try to first confirm the vulnerability. Once confirmed,
the CakeDC team will take the following actions:

* Acknowledge to the reporter that we’ve received the issue, and are
working on a fix. We ask that the reporter keep the issue confidential until we announce it.
* Get a fix/patch prepared.
* Prepare a post describing the vulnerability, and the possible exploits.
* Release new versions of all affected versions.
* Prominently feature the problem in the release announcement
5 changes: 5 additions & 0 deletions README.md
Original file line number Diff line number Diff line change
Expand Up @@ -76,6 +76,11 @@ Contributing

This repository follows the [CakeDC Plugin Standard](https://www.cakedc.com/plugin-standard). If you'd like to contribute new features, enhancements or bug fixes to the plugin, please read our [Contribution Guidelines](https://www.cakedc.com/contribution-guidelines) for detailed instructions.

Security
------------

If you've found a security issue in CakeDC Users plugin, please use the procedure described in [SECURITY.md](.github/SECURITY.md)

License
-------

Expand Down

0 comments on commit a80f33d

Please sign in to comment.