File: SECURITY.md

package info (click to toggle)
otpclient 4.4.1-1
  • links: PTS, VCS
  • area: main
  • in suites: forky, sid
  • size: 1,340 kB
  • sloc: ansic: 8,885; xml: 740; sh: 9; makefile: 3
file content (26 lines) | stat: -rw-r--r-- 1,140 bytes parent folder | download 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
 
# Security Policy

## Supported Versions

The following list describes whether a version is eligible or not for security updates.

| Version | Supported              | EOL         |
|---------|------------------------|-------------|
| 4.4.x   | :white_check_mark: Yes | -           |
| 4.3.x   | :white_check_mark: Yes | 30-Apr-2026 |
| 4.2.x   | :x: No                 | 20-Feb-2026 |
| 4.1.x   | :x: No                 | 06-Feb-2026 |
| 4.0.x   | :x: No                 | 30-Jun-2025 |

## Reporting a Vulnerability

If you discover a potential security vulnerability, please report it **privately** via email to [info@paolostivanin.com](mailto:info@paolostivanin.com)

### Disclosure Process

The responsible disclosure process is as follows:

1. A security issue is reported via email.
2. Within **24 hours**, you will receive an acknowledgment with initial feedback (e.g. confirmation of the issue and its severity).
3. Within **7 days**, a fix will be developed and released.
4. Once the fix is publicly available, a corresponding [security advisory](https://github.com/paolostivanin/OTPClient/security/advisories) will be published.