diff options
| author | Maryna Herasimovich <m.herasimovich@f5.com> | 2024-08-28 20:51:54 -0700 |
|---|---|---|
| committer | Roman Arutyunyan <arutyunyan.roman@gmail.com> | 2024-09-02 20:10:28 +0400 |
| commit | 3b16b46aae979b9a130c5dd42430dda37b623282 (patch) | |
| tree | f7205462bfd8438433ccb92d6f0f804f88f9fe9a | |
| parent | e73ac62294ae85977dde1e8159857e6a4d227f26 (diff) | |
| download | nginx-3b16b46aae979b9a130c5dd42430dda37b623282.tar.gz nginx-3b16b46aae979b9a130c5dd42430dda37b623282.zip | |
Added security policy.
| -rw-r--r-- | SECURITY.md | 20 |
1 files changed, 20 insertions, 0 deletions
diff --git a/SECURITY.md b/SECURITY.md new file mode 100644 index 000000000..2b48e47e3 --- /dev/null +++ b/SECURITY.md @@ -0,0 +1,20 @@ +# Security Policy + +## Latest Versions + +We advise users to run the most recent mainline or stable release of nginx. + +## Reporting a Vulnerability + +Please report any vulnerabilities via one of the following methods +(in order of preference): + +1. [Report a vulnerability](https://docs.github.com/en/code-security/security-advisories/guidance-on-reporting-and-writing-information-about-vulnerabilities/privately-reporting-a-security-vulnerability) +within this repository. We are using the Github workflow that allows us to +manage vulnerabilities in a private manner and to interact with reporters +securely. + +2. [Report directly to F5](https://www.f5.com/services/support/report-a-vulnerability). + +3. Report via email to security-alert@nginx.org. +This method will be deprecated in the future. |