diff --git a/app/Config/Routes.php b/app/Config/Routes.php index e815f75..9733ab8 100644 --- a/app/Config/Routes.php +++ b/app/Config/Routes.php @@ -37,6 +37,7 @@ $routes->get('download', 'Download::index'); $routes->get('policies', 'Policies::index'); $routes->get('the-fine-print', 'FinePrint::index'); +$routes->get('security-disclosures', 'Disclosures::index'); // Blog $routes->get('news', 'Blog::index'); diff --git a/app/Controllers/Disclosures.php b/app/Controllers/Disclosures.php new file mode 100644 index 0000000..b1c3929 --- /dev/null +++ b/app/Controllers/Disclosures.php @@ -0,0 +1,11 @@ +render('disclosures'); + } +} diff --git a/app/Views/disclosures.php b/app/Views/disclosures.php new file mode 100644 index 0000000..097aea2 --- /dev/null +++ b/app/Views/disclosures.php @@ -0,0 +1,43 @@ += $this->extend('layouts/app') ?> + += $this->section('content') ?> + + +
+The following items have been reported to the CodeIgniter core team and addressed as potential security + concerns. Not all of them will affect your sites, but you should periodically review this list to + determine any threats. +
+ +These disclosures are primarily aimed at the website and surrounding environment. Security disclosures + affecting the framework will be handled through GitHub's built-in Security Advisors functionality. +
+ + +Oct 25, 2021 - The MX reported that the codeigniter.com domain was able to be used for email + spoofing due to the lack of a DKIM record. We updated the DNS to include a DKIM record as a result. +
+