Skip to content

Security: ekdahl/webtrees

Security

SECURITY.md

Security Policy

Supported Versions

The latest versions of the main and 2.1 branches are supported for security issues.

Reporting a Vulnerability

Please do not report security vulnerabilities through public GitHub issues.

Please do not report security vulnerabilities on the project forum.

Security issues should be reported directly to the project maintainer, Greg Roach.

Timescales

You should expect an acknowledgement within 24 hours.

Remember that not all emails get delivered, and that some parts of the world do not have internet access. If you do not get a reply, please send a follow-up email. If there is still no reply, try to make contact through the project forum at www.webtrees.net

Depending on the complexity and severity of the issue, I will aim to publish a fix within 2-7 days.

Disclosure

Please wait for the fix to become available before publishing details of the issue.

Attribution

If you would like to be credited for your discovery, please say so.

There aren’t any published security advisories