Merge pull request #1899 from IntersectMBO/1855-security-twg

Cmdv · web-flow · commit a34f4d4c5c45 · 2024-11-28T14:43:29.000Z
add SECURITY.md
diff --git a/SECURITY.md b/SECURITY.md
@@ -0,0 +1,18 @@
+# Security Policy
+
+## Reporting a Vulnerability
+
+Please report (suspected) security vulnerabilities to security@intersectmbo.org. You will receive a
+response from us within 48 hours. If the issue is confirmed, we will release a patch as soon
+as possible.
+
+Please provide a clear and concise description of the vulnerability, including:
+
+* the affected version(s) of Open-Source-Office,
+* steps that can be followed to exercise the vulnerability,
+* any workarounds or mitigations
+
+If you have developed any code or utilities that can help demonstrate the suspected
+vulnerability, please mention them in your email but ***DO NOT*** attempt to include them as
+attachments as this may cause your Email to be blocked by spam filters.
+See the security file in the [Cardano engineering handbook](https://github.com/input-output-hk/cardano-engineering-handbook/blob/main/SECURITY.md).
