1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
|
# Security policy
If you have discovered a security vulnerability in this project,
please report it privately. Do not disclose it as a public issue. This
gives us time to work with you to fix the issue before public
exposure, reducing the chance that the exploit will be used before a
patch is released.
This project is maintained by a team of volunteers on a
reasonable-effort basis. As such, please give us at least 90 days to
work on a fix before public exposure. We will contact you back within
2 business days after reporting the issue.
Thanks for helping make PySequoia safe for everyone!
## Reporting a vulnerability
Please, report the vulnerability either through [new security advisory form][ADV] or by directly contacting our security contacts.
[ADV]: https://github.com/wiktor-k/pysequoia/security/advisories/new
Security contacts:
- [Wiktor Kwapisiewicz][WK], preferably encrypted with the following
OpenPGP key: [`6539 09A2 F0E3 7C10 6F5F AF54 6C88 57E0 D8E8
F074`][KEY].
[WK]: https://github.com/wiktor-k
[KEY]: https://keys.openpgp.org/vks/v1/by-fingerprint/653909A2F0E37C106F5FAF546C8857E0D8E8F074
## Supported Versions
Security updates are applied only to the most recent release.
|
