From 52af31cc03dbac091d4114bbb48602c9e484bbc6 Mon Sep 17 00:00:00 2001 From: Oleksandr Prokhorenko Date: Thu, 5 Oct 2023 16:14:49 +0200 Subject: [PATCH] feat(docs): add security policy (#42) * feat(docs): add security policy * Update project.dic * Update project.dic --------- Co-authored-by: Steven Johnson --- .config/dictionaries/project.dic | 1 + SECURITY.md | 19 +++++++++++++++++++ 2 files changed, 20 insertions(+) create mode 100644 SECURITY.md diff --git a/.config/dictionaries/project.dic b/.config/dictionaries/project.dic index 54de49fca19..aa7f0f5ec51 100644 --- a/.config/dictionaries/project.dic +++ b/.config/dictionaries/project.dic @@ -5,6 +5,7 @@ jetbrains lcov localizable mdlint +mitigations pubspec rustc stevenj diff --git a/SECURITY.md b/SECURITY.md new file mode 100644 index 00000000000..b878afb377f --- /dev/null +++ b/SECURITY.md @@ -0,0 +1,19 @@ +# Security + +## Reporting a Vulnerability + +Please report (suspected) security vulnerabilities to . +You will receive a +response from us within 48 hours. +If the issue is confirmed, we will release a patch as soon +as possible. + +Please provide a clear and concise description of the vulnerability, including: + +* the affected version(s), +* steps that can be followed to exercise the vulnerability, +* any workarounds or mitigations. + +If you have developed any code or utilities that can help demonstrate the suspected +vulnerability, please mention them in your email but ***DO NOT*** attempt to include them as +attachments as this may cause your Email to be blocked by spam filters.