|
@@ -0,0 +1,16 @@ |
|
|
|
|
|
# Security Policy |
|
|
|
|
|
|
|
|
|
|
|
## Supported Versions |
|
|
|
|
|
|
|
|
|
|
|
For Kosmorrolib, the library that actually makes the calculations, the last patch of the two last minor versions are supported. |
|
|
|
|
|
Therefore, once a new minor version of Kosmorrolib is released, you have some time to upgrade before it comes to End-of-Life. |
|
|
|
|
|
|
|
|
|
|
|
Currently supported versions of Kosmorrolib are listed at [kosmorro.space](https://kosmorro.space/support/versions/). |
|
|
|
|
|
|
|
|
|
|
|
## Reporting a Vulnerability |
|
|
|
|
|
|
|
|
|
|
|
If you find any vulnerability, please don't open an issue directly, and send me an email to [jerome+kosmorrolib@deuchnord.fr](mailto:jerome+kosmorrolib@deuchnord.fr?subject=Vulnerability+in+Kosmorrolib) with the subject: _"Vulnerability in Kosmorrolib"_ to describe the exact nature of the vulnerability. |
|
|
|
|
|
If the vulnerability can be reproduced on my side, then a patch will be made along with a security advisory. |
|
|
|
|
|
If I cannot reproduce the vulnerability, then I will send you an email to ask for more information. |
|
|
|
|
|
|
|
|
|
|
|
Thank you! |