Support for security updates of sumocli will be based on the current version + n-2. Meaning when v0.3.0 is released then versions 0.1.0, 0.2.0 and 0.3.0 will be supported. However, once version 0.4.0 is released then version 0.1.0 will no longer be supported.
Version | Supported |
---|---|
0.2.0 | ✅ |
0.1.0 | ✅ |
If you have found a security vulnerability in sumocli then you can report it to kyle@thepublicclouds.com and I will aim to reply to you within 1 week (it could be sooner but it gives me some buffer for other life things that could come up).
When submitting a security vulnerability can you please ensure you include a PoC (proof of concept) explaining the impact of the vulnerability.
If you are attaching files to the email please ensure they are only .txt files any other file formats won't be accepted or read (mainly because my spam filter will delete them) :)