This document outlines security procedures for the open-source projects of the L4Re Operating System Framework as found on https://github.com/kernkonzept.
Security is very important to us and we take all security vulnerabilities seriously. Thank you for improving the security of our open source software. If you have discovered a security issue, we appreciate your efforts and your responsible disclosure.
Please report a security vulnerability by sending an encrypted email to our security team using our public key to security@kernkonzept.com. The fingerprint of our public key is
C4DC 2909 A22E D080 C012 5373 4055 CBA2 A4FD 855B
Please include the following in your report:
- A description of the vulnerability
- Steps to reproduce the vulnerability
A member of Kernkonzept's security team will confirm the vulnerability, determine its impact, and develop a fix. The fix will be applied to the master branch, tested, and released.