24 lines
1.4 KiB
Markdown
24 lines
1.4 KiB
Markdown
# Security Policy
|
|
|
|
## What are the supported versions?
|
|
The supported version is the latest commit in the stable, and main branch.
|
|
If you want talk about a bug, vulnerability, or feature please make sure that you are on the latest release, beause maybe the issue has already been resolved or the feature has been added.
|
|
|
|
## Reporting a Vulnerability
|
|
|
|
Vulnerabilities are important, if you discover them, please report them immediately.
|
|
If you want to report it: create an issue, select vulnerability, read the template and edit it. Congratulations, you just reported a vulnerability!
|
|
|
|
## What order do we follow when fixing a vulnerability
|
|
|
|
We take vulnerabilities seriusly because they are security risks, but some vulnerabilities are more important and dangerous than others.
|
|
For this reason we have a n/10 scale in the vulnerability template.
|
|
We read every vulnerability, and fix them in order of importance.
|
|
|
|
## What security risks do I take when I use XanvicOS?
|
|
|
|
XanvicOS is just a hobby project. I try to fix all the bugs, but sometimes I don't discover some.
|
|
XanvicOS isn't being developed by a multi billion dollar company, but just by a student during his free time.
|
|
By using XanvicOS in a not controlled enviroment (like a VM) you basically accept the fact that by using it you are exposing yourself to some security risks.
|
|
If you find any, please report them. You'll help us.
|