22 lines
1 KiB
Markdown
22 lines
1 KiB
Markdown
|
# Security Policy
|
||
|
|
|
||
|
|
## Reporting a Vulnerability
|
||
|
|
|
||
|
|
It is highly appreciated to report a vulnerability to the Monal developers. We kindly ask you to not
|
||
|
|
disclose it until it has been fixed. This prevents abuse and exploitation in the current published releases.
|
||
|
|
|
||
|
|
Please report issues directly via mail to info@monal-im.org.
|
||
|
|
|
||
|
|
Please try to report in detail:
|
||
|
|
- what you are concerned about
|
||
|
|
- if applicable, how to reproduce
|
||
|
|
- your contact details, if the sending email is not enough. That way we can ask questions back to you.
|
||
|
|
|
||
|
|
You are also invited to make a recommendation on how to fix a potential security vulnerability.
|
||
|
|
|
||
|
|
Once a vulnerability has been reported and confirmed we try our very best to provide a fix as soon as possible,
|
||
|
|
at its best within days. However, depending on the potential issue it can take longer if many code sections need to be changed.
|
||
|
|
Please keep in mind that this is a non-commercial software project run by volunteers.
|
||
|
|
|
||
|
|
Thank you for considering to report a security vulnerability. This improves the quality of the app significantly.
|