Merge pull request #133 from frankhommers/security-policy

frankhommers · web-flow · commit 4e6712a3a6f7 · 2019-12-03T13:51:45.000+01:00
Created Security Policy
diff --git a/SECURITY.md b/SECURITY.md
@@ -0,0 +1,23 @@
+# Security Policy
+
+## Supported Versions
+
+Use this section to tell people about which versions of your project are
+currently being supported with security updates.
+
+| Version | Supported          |
+| ------- | ------------------ |
+| 1.6.3   | :white_check_mark: |
+| < 1.6.3 | :x:                |
+
+
+## Reporting a Vulnerability
+
+Do not create a new issue ticket with the detailed information of the vulnerability under any circumstances!
+
+All vulnerabilities can be reported directly to the main project maintainers (currently @frankfommers and @vytautask) directly
+ via email (frank-hfpg[at]hommers[dot]nl or vytautaskasp[at]gmail[dot]com respectively). We should get back to you in 24 hours. Please include as much information as possible (if you have a POC - even better). All security issues have our highest attention and will be solved ASAP. 
+ 
+You would help us out if you also include a fix in a pull request. That way we can quickly release a fix.
+
+Thank you for your understanding.
