File tree 1 file changed +20
-0
lines changed
1 file changed +20
-0
lines changed Original file line number Diff line number Diff line change 1+ # Security Policy
2+
3+ ## Supported Versions
4+
5+ It is generally recommended to use the latest release as this project
6+ does not maintain multiple stable branches and providing packages e.g.
7+ for Linux distributions is outside our scope. In particular, versions
8+ before 0.3.18 can be assumed to carry the out-of-bounds-read error in
9+ the LAPACK ?LARRV family of functions that was the subject of
10+ CVE-2021 -4048
11+
12+ ## Reporting a Vulnerability
13+
14+ If you suspect that you have found a vulnerability - a defect that could
15+ be abused to compromise the security of a user's code or systems - please
16+ do not use the normal github issue tracker (except perhaps to post a general
17+ warning if you deem that necessary). Instead, please contact the project
18+ maintainers through the email addresses given in their github user profiles.
19+ Defects found in the "lapack-netlib" subtree should ideally be reported to
20+ the maintainers of the reference implementation of LAPACK,
[email protected]
You can’t perform that action at this time.
0 commit comments