Create SECURITY.md
This commit is contained in:
Todd Gamblin
24
SECURITY.md
Normal file
24
SECURITY.md
Normal file
@@ -0,0 +1,24 @@
|
|||||||
|
# Security Policy
|
||||||
|
|
||||||
|
## Supported Versions
|
||||||
|
|
||||||
|
We provide security updates for the following releases.
|
||||||
|
For more on Spack's release structure, see
|
||||||
|
[`README.md`](https://github.com/spack/spack#releases).
|
||||||
|
|
||||||
|
|
||||||
|
| Version | Supported |
|
||||||
|
| ------- | ------------------ |
|
||||||
|
| develop | :white_check_mark: |
|
||||||
|
| 0.16.x | :white_check_mark: |
|
||||||
|
|
||||||
|
## Reporting a Vulnerability
|
||||||
|
|
||||||
|
To report a vulnerability or other security
|
||||||
|
issue, email maintainers@spack.io.
|
||||||
|
|
||||||
|
You can expect to hear back within two days.
|
||||||
|
If your security issue is accepted, we will do
|
||||||
|
our best to release a fix within a week. If
|
||||||
|
fixing the issue will take longer than this,
|
||||||
|
we will discuss timeline options with you.
|
||||||
Reference in New Issue
Block a user