-
Notifications
You must be signed in to change notification settings - Fork 1
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
1 parent
29e8fe8
commit fd97cc4
Showing
1 changed file
with
29 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,29 @@ | ||
| ### Security Policy | ||
|
|
||
| #### Supported Versions | ||
|
|
||
| This section outlines which versions of the Cloudflare UFW Updater script are currently supported with security updates. Please use the latest supported version to ensure optimal security and functionality. | ||
|
|
||
| | Version | Supported | | ||
| | ------- | ------------------ | | ||
| | 1.0.0 | :white_check_mark: | <!-- Currently supported version --> | ||
|
|
||
| #### Reporting a Vulnerability | ||
|
|
||
| If you discover a vulnerability in the Cloudflare UFW Updater script, please help us improve the security of our project by reporting it responsibly. Here’s how you can report a vulnerability: | ||
|
|
||
| - **Where to Report**: Send your vulnerability report via email to [[email protected]](mailto:[email protected]). Please do not report security vulnerabilities through public GitHub issues. | ||
|
|
||
| - **What to Include**: Provide as much information as possible about the vulnerability, including: | ||
| - The version of the script affected. | ||
| - Any relevant details about the environment (OS version, UFW version). | ||
| - Steps to reproduce the vulnerability. | ||
| - Possible impacts (if known). | ||
|
|
||
| - **Response Time**: Our team aims to acknowledge receipt of your vulnerability report within 48 hours. After the initial acknowledgment, we will strive to keep you informed of the progress toward a fix and full announcement, and we may ask for additional information or guidance. | ||
|
|
||
| - **Disclosure Process**: Once the vulnerability has been evaluated and confirmed, we will schedule a fix to be included in the next patch release. We will publicly disclose the vulnerability details after the patch is available, consistent with best practices in responsible disclosure. | ||
|
|
||
| - **Rewards and Acknowledgments**: While we currently do not offer a bounty for vulnerability reports, we publicly acknowledge contributors in our release announcements and project documentation who responsibly report security issues. | ||
|
|
||
| This policy ensures that all security concerns are handled promptly and effectively, maintaining the highest level of security for users of the Cloudflare UFW Updater script. |