Security Policy for rsslay.
Please refer to this document regarding security concerns, issues or vulnerabilities that can be disclosed.
Only the latest minor version is currently being supported with security updates.
As of now the following versions are covered with security updates:
| Version | Supported |
|---|---|
| 0.5.x | ✅ |
| < 0.5.0 | ❌ |
If you found a vulnerability, please report it to my mail raul[at]piraces.dev. You can sign the message using my PGP Key always updated at KeyOxide. You can also encrypt the message in the form that KeyOxide provides.
When contacting back, you can check my signature in KeyOxide too.
After receiving the corresponding report, the security issue should be addressed in two weeks or less. Either the vulnerability is accepted or declined it will be always welcomed, explained and addressed.
If the vulnerability is accepted a public issue will be raised to track the vulnerability (depending the case, it may be after the vulnerability is solved with a patch).
Thank you.