archive
/
nextcloud
mirror of https://github.com/nextcloud/server.git
1
0
Fork 0
Code Issues Releases Wiki Activity

Apply suggestions

Browse Source 
Co-authored-by: Joas Schilling <213943+nickvergessen@users.noreply.github.com>
Signed-off-by: Josh Richards <josh.t.richards@gmail.com>
pull/40966/head
Josh Richards 7 months ago committed by GitHub
parent 59366eebb8
commit 0ded3ad2b2
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 4 additions and 5 deletions
Show Stats Download Patch File Download Diff File

9
SECURITY.md
Unescape Escape View File

@ -11,7 +11,6 @@ Please review our [threat model and accepted risks](https://nextcloud.com/securi
is currently considered a security vulnerability versus expected behavior. And review what is considered
[in scope or bounty eligible](https://hackerone.com/nextcloud/policy_scopes).
You can expect a response within 24 hours in most cases.
## Reporting a Vulnerability
@ -33,9 +32,9 @@ Your report should include:
You should receive an initial acknowledgement within 24 hours in most cases.
A member of the security team will confirm the vulnerability, determine its impact, follow-up with any questions,
and coordinate a fix.
and coordinate the fix and publication.
The fix will be applied to the `master` branch, tested, and packaged in the next security release.
The fix will be applied to all applicable and still supported stable branches, tested, and packaged in the next security release.
The vulnerability will be publicly announced after the release. Finally, your name will be added
to the [hall of fame](https://hackerone.com/nextcloud/thanks) as a thank you from the entire Nextcloud
community.
@ -47,13 +46,13 @@ on past bounty ranges can be found at [hackerone.com/nextcloud](https://hackeron
## Existing Security Advisories
Past advisories can be viewed at
Published security advisories for the Nextcloud Server, Clients and Apps can be viewed at
[https://github.com/nextcloud/security-advisories/security/advisories](https://github.com/nextcloud/security-advisories/security/advisories
).
## Supported Versions
The latest three major release versions of Nextcloud are currently being supported with security updates.
Nextcloud Server major release versions are being supported with security updates for 1 year after their initial release.
Please visit https://github.com/nextcloud/server/wiki/Maintenance-and-Release-Schedule for further details.
## Additional Information

Write Preview
Loading…
Cancel
Save