Add a note about typical timelines for security incident responses

Kovid Goyal 2025-09-14 21:13:58 +05:30
parent 5ef384300d
commit ce333c9de4
No known key found for this signature in database
GPG Key ID: 06BC317B515ACE7C

@ -3,3 +3,10 @@ To report security vulnerabilities, open a normal bug report in the
Additionally, you can use GitHub Private security advisories against this
repository to report issues.
Note that I will respond to security communication within 72 hours. Once
the bug is confirmed, it will be fixed or at least mitigated within another 72
hours, at which time the fix will typically be committed to master and hence be
public. That timeline might be extended based on the severity of the issue and the
current state of master in terms of making a new release, if so, it will be
done in consultation with the issue reporter.
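
Review bot: The added paragraph says the fix "will typically be committed to master and hence be public" within 72 hours of confirmation, but it gives no timeline for a release that carries the fix, so the policy leaves open how long users of released versions wait after the fix becomes public. Consider adding a sentence on when a release normally follows the commit. The 72-hour fix window also starts "Once the bug is confirmed", and the time between the first response and confirmation is not bounded; stating that explicitly would set reporter expectations. Minor style point in the last sentence: "making a new release, if so, it will be" is a comma splice and reads better split into two sentences.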