mirror of
https://github.com/roundcube/roundcubemail.git
synced 2026-03-24 08:46:56 +01:00
19 lines
967 B
Markdown
19 lines
967 B
Markdown
# Security Policy
|
|
|
|
## Supported Versions
|
|
|
|
Check our website's [download page](https://roundcube.net/download/) to see which versions are still supported and will receive security updates.
|
|
|
|
## Reporting a Vulnerability
|
|
|
|
If you found a security issue or vulnerability of the software, please report with direct and encrypted email to *thomas[at]roundcube.net*
|
|
and *alec[at]alec.pl*. You can find the according PGP public keys on the major public keyservers like [pgp.key-server.io](https://pgp.key-server.io).
|
|
|
|
Your report should include clear steps for reproduction and a classification of the found vulnerability.
|
|
|
|
## Publishing and Credits
|
|
|
|
We're dedicated to analyze and fix the reported issues as fast a possible. Usually within days we'll have an update ready.
|
|
Together with the reporter we plan the releasing and the disclosure of the found and fixed vulnerability.
|
|
Credits to the reporter are granted and can be included in all public communication if desired.
|