Skip to content

Security: eclipse-hono/hono

Security

SECURITY.md

Security Policy

Eclipse Hono follows the Eclipse Vulnerability Reporting Policy. Vulnerabilities are tracked by the Eclipse security team, in cooperation with the Hono project lead. Fixing vulnerabilities is taken care of by the Hono project committers, with assistance and guidance of the security team.

Supported Versions

Eclipse Hono provides security updates for the two most recent minor versions.

Note that this means that in case of a new major version being released, older releases of the previous major version will no longer be supported. For example, assuming that versions 1.12.x and 1.11.x are the two most recent minor versions, then version 1.11.x will no longer be supported once any of version 2.0.0 or version 1.13.0 has been released.

Reporting a Vulnerability

We recommend that in case of suspected vulnerabilities you do not create a GitHub issue, but instead contact the Eclipse Security Team directly sending an email to security@eclipse.org.

There aren’t any published security advisories