librespot/SECURITY.md

21 lines
915 B
Markdown
Raw Permalink Normal View History

2022-08-01 20:46:05 +00:00
# Security Policy
## Supported Versions
We will support the latest release and main development branch with security updates.
## Reporting a Vulnerability
If you believe to have found a vulnerability in `librespot` itself or as a result from
one of its dependencies, please report it by contacting one or more of the active
maintainers directly, allowing no less than three calendar days to receive a response.
If you believe that the vulnerability is public knowledge or already being exploited
in the wild, regardless of having received a response to your direct messages or not,
please create an issue report to warn other users about continued use and instruct
them on any known workarounds.
On your report you may expect feedback on whether we believe that the vulnerability
is indeed applicable and if so, when and how it may be fixed. You may expect to
be asked for assistance with review and testing.