mirror of
				https://github.com/zulip/zulip.git
				synced 2025-10-24 16:43:57 +00:00 
			
		
		
		
	docs: Create GitHub SECURITY.md file.
It seems worth participating in this GitHub standard.
This commit is contained in:
		
							
								
								
									
										28
									
								
								SECURITY.md
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										28
									
								
								SECURITY.md
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,28 @@ | |||||||
|  | # Security Policy | ||||||
|  |  | ||||||
|  | Security announcements are sent to zulip-announce@googlegroups.com, | ||||||
|  | so you should subscribe if you are running Zulip in production. | ||||||
|  |  | ||||||
|  | ## Reporting a Vulnerability | ||||||
|  |  | ||||||
|  | We love responsible reports of (potential) security issues in Zulip, | ||||||
|  | whether in the latest release or our development branch. | ||||||
|  |  | ||||||
|  | Our security contact is security@zulip.com.  Reporters should expect a | ||||||
|  | response within 24 hours. | ||||||
|  |  | ||||||
|  | Please include details on the issue and how you'd like to be credited | ||||||
|  | in our release notes when we publish the fix. | ||||||
|  |  | ||||||
|  | Our [security | ||||||
|  | model](https://zulip.readthedocs.io/en/latest/production/security-model.html) | ||||||
|  | document may be a helpful resource. | ||||||
|  |  | ||||||
|  | ## Supported Versions | ||||||
|  |  | ||||||
|  | Zulip provides security support for the latest major release, in the | ||||||
|  | form of minor security/maintenance releases. | ||||||
|  |  | ||||||
|  | We work hard to make | ||||||
|  | [upgrades](https://zulip.readthedocs.io/en/latest/production/upgrade-or-modify.html#upgrading-to-a-release) | ||||||
|  | reliable, so that there's no reason to run older major releases. | ||||||
		Reference in New Issue
	
	Block a user