1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
|
Security policy
===============
**Do not report security vulnerabilities through public GitHub issues.**
Instead, you can report security vulnerabilities using [our security page].
Please include as much of the following information as possible:
* Type of issue (e.g. buffer overflow, privilege escalation, etc.)
* The location of the affected source code (tag/branch/commit or direct URL)
* Any special configuration required to reproduce the issue
* If applicable, which platforms are affected
* Step-by-step instructions to reproduce the issue
* Impact of the issue, including how an attacker might exploit the issue
## Preferred Languages
We prefer to receive reports in English. If necessary, we also understand Dutch and Frisian.
## Disclosure Policy
We adhere to the principle of [coordinated vulnerability disclosure].
Security Advisories
===================
Security advisories will be published on our [github advisories page] and
possibly through other channels.
[our security page]: https://github.com/trifectatechfoundation/bzip2-rs/security
[coordinated vulnerability disclosure]: https://vuls.cert.org/confluence/display/CVD/Executive+Summary
[github advisories page]: https://github.com/trifectatechfoundation/libbzip2-rs/security/advisories
|
