Merge branch 'security-policy' into 'develop'

Add security policy for Pleroma backend Closes #1848 See merge request pleroma/pleroma!2862
author: lain <lain@soykaf.club> 2020-08-09 11:06:54 +0000
committer: lain <lain@soykaf.club> 2020-08-09 11:06:54 +0000
commit: 7625e509508a60f5a431ed52790f9eadbcda15c3 (patch)
tree: 1c3efbd8ff7ac8a2edcd407596a345aa48f0a92b
parent: ad29a4f2cf4496aaa9463e11d94b35364e9cddae (diff)
parent: 881fdb3a97740425555f4f8b9ddb75123ace73b7 (diff)
1 files changed, 16 insertions, 0 deletions
diff --git a/SECURITY.md b/SECURITY.md
new file mode 100644
index 000000000..c212a2505
--- /dev/null
+++ b/SECURITY.md
@@ -0,0 +1,16 @@
+# Pleroma backend security policy
+
+## Supported versions
+
+Currently, Pleroma offers bugfixes and security patches only for the latest minor release.
+
+| Version | Support 
+|---------| --------
+| 2.0     | Bugfixes and security patches
+
+## Reporting a vulnerability
+
+Please use confidential issues (tick the "This issue is confidential and should only be visible to team members with at least Reporter access." box when submitting) at our [bugtracker](https://git.pleroma.social/pleroma/pleroma/-/issues/new) for reporting vulnerabilities.
+## Announcements
+
+New releases are announced at [pleroma.social](https://pleroma.social/announcements/). All security releases are tagged with ["Security"](https://pleroma.social/announcements/tags/security/). You can be notified of them by subscribing to an Atom feed at <https://pleroma.social/announcements/tags/security/feed.xml>.
author	lain <lain@soykaf.club>	2020-08-09 11:06:54 +0000
committer	lain <lain@soykaf.club>	2020-08-09 11:06:54 +0000
commit	7625e509508a60f5a431ed52790f9eadbcda15c3 (patch)
tree	1c3efbd8ff7ac8a2edcd407596a345aa48f0a92b
parent	ad29a4f2cf4496aaa9463e11d94b35364e9cddae (diff)
parent	881fdb3a97740425555f4f8b9ddb75123ace73b7 (diff)