Create SECURITY.md

TownSuite · May 24, 2024 · d3b905a · d3b905a
1 parent fca9318
commit d3b905a
Showing 1 changed file with 23 additions and 0 deletions.
diff --git a/SECURITY.md b/SECURITY.md
@@ -0,0 +1,23 @@
+# Security Policy
+
+## Supported Versions
+
+
+We release patches for security vulnerabilities.  Which versions are eligible for receiving such patches depends on the CVSS v3.0 Rating:
+
+| CVSS v3.0 | Supported Versions                        |
+| --------- | ----------------------------------------- |
+| 9.0-10.0  | Current and previous LTS release.         |
+| 4.0-8.9   | Most recent release                       |
+
+An LTS release will generally be labelled as with a YEAR.RELEASE format such as __2022.R1__ or __2022.R2__. 
+
+## Reporting a Vulnerability
+
+Please report (suspected) security vulnerabilities to the TownSuite support department. 
+If the issue is confirmed, we will release a patch.
+
+
+### Example Report
+**subject**: Security Vulnerability in TownSuite.TwainScanner
+**content**: TownSuite.TwainScanner version <version number> contains a security vulnerability.  The details are as follows .......