2021-06-13 14:39:33 +02:00
|
|
|
# Security Policy
|
|
|
|
|
|
2022-03-15 18:38:36 +01:00
|
|
|
## Supported versions
|
2021-06-13 14:39:33 +02:00
|
|
|
|
2022-03-15 18:38:36 +01:00
|
|
|
As of now, only the latest stable version is supported.
|
2021-06-13 14:39:33 +02:00
|
|
|
|
|
|
|
|
| Version | Supported |
|
|
|
|
|
| ------- | ------------------ |
|
2022-03-15 18:38:36 +01:00
|
|
|
| 23. x | :white_check_mark: |
|
|
|
|
|
| 22. x | :x: |
|
|
|
|
|
| 21. x | :x: |
|
2021-06-13 14:39:33 +02:00
|
|
|
|
2022-03-15 18:38:36 +01:00
|
|
|
Please update to the latest version available. Major migrations are always tested before being pushed.
|
|
|
|
|
|
|
|
|
|
## Automated vulnerability scanning
|
|
|
|
|
|
|
|
|
|
Uploaded images are regularly scanned for [OS vulnerabilities](https://github.com/Wonderfall/docker-nextcloud/security/code-scanning).
|
|
|
|
|
|
|
|
|
|
## Reporting a vulnerability
|
2021-06-13 14:39:33 +02:00
|
|
|
|
|
|
|
|
*Upstream* vulnerabilities should be reported to *upstream* projects according to their own security policies.
|
|
|
|
|
|
|
|
|
|
Regarding vulnerabilities specific to this project:
|
|
|
|
|
- Faulty configuration files
|
|
|
|
|
- Unsafe defaults
|
|
|
|
|
- Dependencies security updates
|
|
|
|
|
|
|
|
|
|
Those can be disclosed in private to `wonderfall@pm.me` or `wonderfall:targaryen.house` on Matrix (preferred).
|
