New file |
| | |
| | | # Security Policy |
| | | |
| | | ## Supported Versions |
| | | |
| | | The OpenIndiana project commits to providing fixes or mitigations to each |
| | | and every security vulnerability in software we provide. List of source |
| | | code repositories of software we develop is to be found in the |
| | | [documentation](https://docs.openindiana.org/dev/building-openindiana/#source-repositories). |
| | | |
| | | Note that most of the software we deliver is developed independently and |
| | | we merely distribute it. As such the original software author should be made |
| | | aware about a potential security issue. |
| | | |
| | | Priority with which we handle security issues is based on the severity |
| | | of the issue. |
| | | |
| | | OpenIndiana is a rolling release distribution and has only one maintained |
| | | branch called *hipster*. Other (historical) branches are not supported. |
| | | |
| | | ## Reporting a Vulnerability |
| | | |
| | | If you are aware of a security vulnerability in software delivered by |
| | | the OpenIndiana project, please send us an email to security@openindiana.org. |
| | | Thank you! |
| | | |
| | | Also see the [Security Issues](https://www.openindiana.org/community/security-issues/) |
| | | page on our website. |