summaryrefslogtreecommitdiffhomepage
diff options
context:
space:
mode:
authorGabor Javorszky <g.javorszky@f5.com>2024-09-16 18:34:09 +0100
committerAndrew Clayton <a.clayton@nginx.com>2024-09-16 23:01:06 +0100
commitcc863e1526f869a9c6c7f3372f69301bba56f846 (patch)
tree14f43c6fe6ac084190e398585ce2f614fbb39fb4
parentf2e05bc7a9f9396f4701ca951179a4a6f353fbb5 (diff)
downloadunit-cc863e1526f869a9c6c7f3372f69301bba56f846.tar.gz
unit-cc863e1526f869a9c6c7f3372f69301bba56f846.tar.bz2
docs: add SECURITY.md
All new NGINX projects are created from the template repository which has a SECURITY.md file in it. This adopts the file. NOTE; We wrap the file around the 76-78 character mark for consistency and readability. Link: <https://github.com/nginxinc/template-repository> Closes: https://github.com/nginx/unit/issues/1408 Signed-off-by: Gabor Javorszky <g.javorszky@f5.com> [ Tweaked commit message - Andrew ] Signed-off-by: Andrew Clayton <a.clayton@nginx.com>
-rw-r--r--SECURITY.md21
1 files changed, 21 insertions, 0 deletions
diff --git a/SECURITY.md b/SECURITY.md
new file mode 100644
index 00000000..450f989d
--- /dev/null
+++ b/SECURITY.md
@@ -0,0 +1,21 @@
+# Security Policy
+
+## Latest Versions
+
+We advise users to run or update to the most recent release of this
+project. Older versions of this project may not have all enhancements
+and/or bug fixes applied to them.
+
+## Reporting a Vulnerability
+
+The F5 Security Incident Response Team (F5 SIRT) has an email alias that
+makes it easy to report potential security vulnerabilities:
+
+- If you’re an F5 customer with an active support contract, please
+contact [F5 Technical Support](https://www.f5.com/services/support).
+- If you aren’t an F5 customer, please report any potential or current
+instances of security vulnerabilities with any F5 product to the
+F5 Security Incident Response Team at <F5SIRT@f5.com>.
+
+For more information please read the F5 SIRT vulnerability reporting
+guidelines available at [https://www.f5.com/services/support/report-a-vulnerability](https://www.f5.com/services/support/report-a-vulnerability). \ No newline at end of file