Skip to content

Latest commit

 

History

History
19 lines (13 loc) · 1 KB

SECURITY.md

File metadata and controls

19 lines (13 loc) · 1 KB

Security Policy

Eclipse Hono follows the Eclipse Vulnerability Reporting Policy. Vulnerabilities are tracked by the Eclipse security team, in cooperation with the Hono project lead. Fixing vulnerabilities is taken care of by the Hono project committers, with assistance and guidance of the security team.

Supported Versions

Eclipse Hono provides security updates for the two most recent minor versions.

Note that this means that in case of a new major version being released, older releases of the previous major version will no longer be supported. For example, assuming that versions 1.12.x and 1.11.x are the two most recent minor versions, then version 1.11.x will no longer be supported once any of version 2.0.0 or version 1.13.0 has been released.

Reporting a Vulnerability

We recommend that in case of suspected vulnerabilities you do not create a GitHub issue, but instead contact the Eclipse Security Team directly sending an email to security@eclipse.org.