Skip to content

Security: hammadmajid/zablib

Security

SECURITY.md

Security Policy

Supported Versions

Since zablib is currently in pre-alpha and has not had an official release, all versions are considered unstable and unsupported for production use.

Reporting a Vulnerability

If you discover a vulnerability in zablib, please follow these steps:

  1. Do not create a public issue. Instead, send an email to hammadmajid@proton.me with the following details:

    • A detailed description of the vulnerability.
    • Steps to reproduce the issue.
    • Any potential impacts.
    • Your contact information.

  2. Expected Response Time:

    • I will acknowledge receipt of your report within 72 hours.
    • I will provide an initial assessment and any next steps within 7 days.

  3. Handling the Issue:

    • I will investigate and verify the vulnerability.
    • If necessary, I will prepare a fix and a corresponding advisory.
    • I will inform you of the resolution and give you credit for the discovery, if desired.

Responsible Disclosure

To protect users, I request that you follow responsible disclosure practices:

  • Do not disclose the vulnerability publicly until I have addressed it.
  • Give me a reasonable amount of time to resolve the issue.

Security Best Practices

To maintain the security of your installation, I recommend:

  • Regularly updating to the latest version of the software as it becomes available.
  • Reviewing and following any security recommendations provided in the documentation.

Thank you for helping to keep zablib secure.

There aren’t any published security advisories