From d5c985eb11c6cd11652cbc53359ff643c0bb06f5 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?S=C3=A9bastien=20Helleu?= Date: Sun, 31 May 2026 16:04:33 +0200 Subject: [PATCH] core: add security policy in SECURITY.md --- CONTRIBUTING.md | 3 +-- SECURITY.md | 26 ++++++++++++++++++++++++++ 2 files changed, 27 insertions(+), 2 deletions(-) create mode 100644 SECURITY.md diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md index 193c98b10..96c9bef81 100644 --- a/CONTRIBUTING.md +++ b/CONTRIBUTING.md @@ -19,8 +19,7 @@ First, some basic things: ### Security reports -Please **DO NOT** file a GitHub issue for security related problems, but send an -email to [security@weechat.org](mailto:security@weechat.org) instead. +Please **DO NOT** file a GitHub issue for security related problems; see [SECURITY.md](SECURITY.md) instead. ### Required info diff --git a/SECURITY.md b/SECURITY.md new file mode 100644 index 000000000..76697fd51 --- /dev/null +++ b/SECURITY.md @@ -0,0 +1,26 @@ + + +# Security Policy + +## Supported versions + +Only the latest stable version of WeeChat is supported. + +| Version | Supported | Notes | +| -------------- | ------------------ | --------------------------------------------------- | +| Latest stable | :white_check_mark: | Fully supported. | +| Older releases | :x: | Not supported. Contact us in case of specific need. | + +However, we may help to backport fixes on older versions, especially when they are used in released distributions with no way to upgrade to the latest stable release (please contact us). + +## Reporting a vulnerability + +Please report security issues using . + +Alternatively, if you are not able to use this form, you can send an email to [security@weechat.org](mailto:security@weechat.org) instead. + +We will investigate all legitimate reports and do our best to quickly fix the problem.