ramalama/SECURITY.md at ec166b6aba670acef60da99e50f37e1e55b77dc4

mirror of https://github.com/containers/ramalama.git synced 2026-02-05 06:46:39 +01:00

Files

Daniel J Walsh 329fedcbf6 Update SECURITY.md. Use github issues for security vulnerabilities

Fixes: https://github.com/containers/ramalama/issues/2063

Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>

2025-10-29 15:53:41 -04:00

1.3 KiB

Raw Blame History

Security and Disclosure Information Policy for the RamaLama Project

Reporting Security Vulnerabilities

If you discover a security vulnerability in RamaLama, please report it through GitHub's Security Advisory system. This allows us to coordinate a fix and disclosure process that protects users.

Please DO NOT report the issue publicly via the GitHub issue tracker, mailing list, or IRC. Please do not create a public issue.

How to Report

Go to our security advisory page to privately report the vulnerability.
Provide detailed information about the vulnerability, including:
- Description of the issue
- Steps to reproduce
- Potential impact
- Suggested fix (if available)

Your report will be reviewed by the maintainers, and we will work with you to understand and address the issue promptly.

What to Expect

Acknowledgment: We will acknowledge receipt of your vulnerability report within 48 hours
Updates: We will keep you informed about our progress in addressing the vulnerability
Credit: We will credit you for the discovery when we publish the fix (unless you prefer to remain anonymous)

Thank you for helping keep RamaLama and its users secure!

1.3 KiB Raw Blame History

Security and Disclosure Information Policy for the RamaLama Project

Reporting Security Vulnerabilities

How to Report

What to Expect

1.3 KiB

Raw Blame History