Vulnerability Disclosure Policy

From Projects by Davis Mosenkovs
Jump to: navigation, search

Vulnerability Disclosure Policy for software projects

If you have noticed any security issues/vulnerabilities within my projects, please contact me by e-mail! In most cases I will release an updated software version (with the security issue fixed and/or documentation updated accordingly) within 90 days from the initial report (sometimes - within 14 days or even faster), however I cannot guarantee anything as I am doing these projects in my spare time. In the report e-mail, if possible, describe possible exploitation/abuse scenarios, give links with more info etc.

Website/server security

If you have noticed any security issues (or abuse) within the website itself (or server hosting it), please notify me as described here.