docker-nextcloud/SECURITY.md

# Security Policy

## Supported versions

All versions of the Nextcloud community version which still receive updates will be supported 
and will receive the minor version updates and security patches.

| Version | Supported          |
| ------- | ------------------ |
| 28. x   | :white_check_mark: |
| 27. x   | :white_check_mark: |
| 26. x   | :white_check_mark: |
| 25. x   | :negative_squared_cross_mark: |
| 24. x   | :negative_squared_cross_mark: |
| 23. x   | :negative_squared_cross_mark: |
| 22. x   | :negative_squared_cross_mark: |

Please update to the latest version available. Major migrations are always tested before being pushed.
An up-to-date list of the currently maintained Nextcloud versions can also be found in the [Nextcloud Repository Wiki](https://github.com/nextcloud/server/wiki/Maintenance-and-Release-Schedule).

## Automated vulnerability scanning

Uploaded images are regularly scanned for [OS vulnerabilities](https://github.com/Wonderfall/docker-nextcloud/security/code-scanning).

## Reporting a vulnerability

*Upstream* vulnerabilities should be reported to *upstream* projects according to their own security policies.

Regarding vulnerabilities specific to this project:
- Faulty configuration files
- Unsafe defaults
- Dependencies security updates

Those can be disclosed in private to `dev@hoellen.eu`.
Create SECURITY.md 2021-06-13 14:39:33 +02:00			`# Security Policy`

Update SECURITY.md 2022-03-15 18:38:36 +01:00			`## Supported versions`
Create SECURITY.md 2021-06-13 14:39:33 +02:00
Update README.md and SECURITY.md 2022-05-05 21:56:17 +02:00			`All versions of the Nextcloud community version which still receive updates will be supported`
			`and will receive the minor version updates and security patches.`
Create SECURITY.md 2021-06-13 14:39:33 +02:00
			`\| Version \| Supported \|`
			`\| ------- \| ------------------ \|`
chore: update Nextcloud to 28.0.0 2023-12-12 13:28:40 +01:00			`\| 28. x \| :white_check_mark: \|`
			`\| 27. x \| :white_check_mark: \|`
			`\| 26. x \| :white_check_mark: \|`
			`\| 25. x \| :negative_squared_cross_mark: \|`
			`\| 24. x \| :negative_squared_cross_mark: \|`
Update supported versions 2023-01-11 09:45:55 +01:00			`\| 23. x \| :negative_squared_cross_mark: \|`
			`\| 22. x \| :negative_squared_cross_mark: \|`
Create SECURITY.md 2021-06-13 14:39:33 +02:00
Update SECURITY.md 2022-03-15 18:38:36 +01:00			`Please update to the latest version available. Major migrations are always tested before being pushed.`
chore: update Nextcloud to 28.0.0 2023-12-12 13:28:40 +01:00			`An up-to-date list of the currently maintained Nextcloud versions can also be found in the [Nextcloud Repository Wiki](https://github.com/nextcloud/server/wiki/Maintenance-and-Release-Schedule).`
Update SECURITY.md 2022-03-15 18:38:36 +01:00
			`## Automated vulnerability scanning`

			`Uploaded images are regularly scanned for [OS vulnerabilities](https://github.com/Wonderfall/docker-nextcloud/security/code-scanning).`

			`## Reporting a vulnerability`
Create SECURITY.md 2021-06-13 14:39:33 +02:00
			`Upstream vulnerabilities should be reported to upstream projects according to their own security policies.`

			`Regarding vulnerabilities specific to this project:`
			`- Faulty configuration files`
			`- Unsafe defaults`
			`- Dependencies security updates`

Update README.md and SECURITY.md 2022-05-05 21:56:17 +02:00			Those can be disclosed in private to `dev@hoellen.eu`.