archive
/
nextcloud
mirror of https://github.com/nextcloud/server.git
1
0
Fork 0
Code Issues Releases Wiki Activity

Add community/third-party apps note to security policy

Browse Source 
Just making it match the new global one in nextcloud/.github#241

Signed-off-by: Josh Richards <josh.t.richards@gmail.com>
pull/41136/head
Josh Richards 7 months ago committed by GitHub
parent e98be0a147
commit e86ba2b85d
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 12 additions and 9 deletions
Show Stats Download Patch File Download Diff File

7
SECURITY.md
Unescape Escape View File

@ -39,6 +39,10 @@ The vulnerability will be publicly announced after the release. Finally, your na
to the [hall of fame](https://hackerone.com/nextcloud/thanks) as a thank you from the entire Nextcloud
community.
If the vulnerability involves an app that is not maintained by Nextcloud (i.e. hosted by the
Nextcloud project but community maintained, or hosted elsewhere), the security team will try to coordinate with the
current maintainer and help to get the issue fixed in similar fashion.
### Bug Bounties
If you are reporting for a bug bounty, more complete reports can contribute to a higher bounty award. Details
@ -47,8 +51,7 @@ on past bounty ranges can be found at [hackerone.com/nextcloud](https://hackeron
## Existing Security Advisories
Published security advisories for the Nextcloud Server, Clients and Apps can be viewed at
[https://github.com/nextcloud/security-advisories/security/advisories](https://github.com/nextcloud/security-advisories/security/advisories
).
[https://github.com/nextcloud/security-advisories/security/advisories](https://github.com/nextcloud/security-advisories/security/advisories).
## Supported Versions

Write Preview
Loading…
Cancel
Save