DL-Mirrors/termux-packages
0
0
Fork 1
mirror of https://github.com/termux-pacman/termux-packages.git synced 2025-12-27 06:00:10 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
c1c965024ecc493e09fadac0e933cb9f94de8f52
termux-packages/SECURITY.md
҉αkα x⠠⠵ 19de923f00 Create SECURITY.md (#13) 
Co-authored-by: Maxython <mixython@gmail.com>
2023-08-09 16:30:01 +03:00

1.2 KiB
Raw Blame History

Security Policy

Supported Versions

The Termux-Pacman organization provides packages that work in android 7+, as well as signatures for packages that are built with the latest version of gpg.
NOTE: not all packages are signed.

Reporting a Vulnerability

The Termux-Pacman organization deals with vulnerability issues in the following cases:

  • If a vulnerability has been found in our services.
  • If a vulnerability was found in package signatures.
  • If the package has not been updated in which the vulnerability of the package is fixed.

The Termux-Pacman organization does not deal with the issue of fixing the vulnerability in the packages themselves, but we are ready to help the creator/organization know about the vulnerability in their packages.

To report a vulnerability, you must send an email to pacman@termux.dev with the following information:

  • Subject must begin with the text [Reporting Vulnerability].
  • Provide proof or detailed information about the vulnerability.

Without this, the email may not be seen immediately or be ignored. Once submitted, your email will be reviewed to confirm the vulnerability. If a vulnerability has been confirmed, then steps will be taken to fix the vulnerability.