Skip to content

Commit

Permalink
Document vulnerability reporting process
Browse files Browse the repository at this point in the history 
Signed-off-by: Jussi Nummelin <[email protected]>
  • Loading branch information
@jnummelin
jnummelin committed Jan 8, 2025
1 parent fd3b880 commit 53adbde
Showing 1 changed file with 22 additions and 0 deletions.
22 changes: 22 additions & 0 deletions SECURITY.md
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,22 @@
# Security Policy

## Supported Versions

Following versions are supported and maintained:

| Version | Supported |
|-----------|--------------------|
| v1.31.x | :white_check_mark: |
| v1.30.x | :white_check_mark: |
| v1.29.x | :white_check_mark: |
| < v1.29.x | :x: |

## Reporting a Vulnerability

k0s supports responsible disclosure and endeavors to resolve security issues in a reasonable timeframe.

To report a security vulnerability, you can use Github [private security reporting] feature under the [Security tab].
That allows the reporter and maintainers to coordinate the disclosure and the fix before public disclosure.

[Security tab]: https://github.com/k0sproject/k0s/security
[private security reporting]: https://docs.github.com/en/code-security/security-advisories/guidance-on-reporting-and-writing-information-about-vulnerabilities/privately-reporting-a-security-vulnerability

0 comments on commit 53adbde

Please sign in to comment.