DL-Mirrors/termux-packages
0
0
Fork 1
mirror of https://github.com/termux-pacman/termux-packages.git synced 2025-12-22 03:30:17 +00:00
Code Issues Packages Projects Releases Wiki Activity

Update SECURITY.md

Browse Source
This commit is contained in:
Ivan Max
2023-08-20 23:34:19 +03:00
committed by GitHub
parent 0d43655b22
commit 060dc29527
1 changed files with 1 additions and 19 deletions
Download Patch File Download Diff File Expand all files Collapse all files

20
SECURITY.md
View File

@@ -1,21 +1,3 @@
# Security Policy
## Supported Versions
The Termux-Pacman organization provides packages that work in `android 7+`, as well as signatures for packages that are built with the latest version of `gpg`.
**NOTE:** not all packages are signed.
## Reporting a Vulnerability
The Termux-Pacman organization deals with vulnerability issues in the following cases:
- If a vulnerability has been found in our services.
- If a vulnerability was found in package signatures.
- If the package has not been updated in which the vulnerability of the package is fixed.
The Termux-Pacman organization does not deal with the issue of fixing the vulnerability in the packages themselves, but we are ready to help the creator/organization know about the vulnerability in their packages.
To report a vulnerability, you must send an email to [pacman@termux.dev](mailto:pacman@termux.dev) with the following information:
- Subject must begin with the text `[Reporting Vulnerability]`.
- Provide proof or detailed information about the vulnerability.
Without this, the email may not be seen immediately or be ignored. Once submitted, your email will be reviewed to confirm the vulnerability. If a vulnerability has been confirmed, then steps will be taken to fix the vulnerability.
All security policy information is located at [termux-pacman.dev/security](https://termux-pacman.dev/security/).