From 41c957b8071d0854de44b63ea584251016eb5e60 Mon Sep 17 00:00:00 2001 From: Ralph Slooten Date: Tue, 23 Jul 2024 17:23:56 +1200 Subject: [PATCH] Add security policy --- SECURITY.md | 19 +++++++++++++++++++ 1 file changed, 19 insertions(+) create mode 100644 SECURITY.md diff --git a/SECURITY.md b/SECURITY.md new file mode 100644 index 000000000..1a147296f --- /dev/null +++ b/SECURITY.md @@ -0,0 +1,19 @@ +# Reporting security vulnerabilities + +Your efforts to responsibly disclose your findings are appreciated. + +** **Please do _not_ report security vulnerabilities through public GitHub issues.** ** + +If you believe you have found a **security vulnerability**, then please report it to security@axllent.org so +your findings can be investigated, and if confirmed, fixed and released in a timely manner. + +Your report should include: + +- Mailpit version +- A vulnerability description +- Reproduction steps (if applicable) +- Any other details you think are likely to be important + +You should receive an initial acknowledgement within 24 hours in most cases, and will kept updated throughout the process. + +With your consent, your contributions will be publicly acknowledged.