mirror of
https://github.com/hoellen/docker-nextcloud.git
synced 2025-04-19 20:19:24 +00:00
36 lines
1.4 KiB
Markdown
36 lines
1.4 KiB
Markdown
# Security Policy
|
|
|
|
## Supported versions
|
|
|
|
All versions of the Nextcloud community version which still receive updates will be supported
|
|
and will receive the minor version updates and security patches.
|
|
|
|
| Version | Supported |
|
|
| ------- | ------------------ |
|
|
| 29. x | :white_check_mark: |
|
|
| 28. x | :white_check_mark: |
|
|
| 27. x | :white_check_mark: |
|
|
| 26. x | :negative_squared_cross_mark: |
|
|
| 25. x | :negative_squared_cross_mark: |
|
|
| 24. x | :negative_squared_cross_mark: |
|
|
| 23. x | :negative_squared_cross_mark: |
|
|
| 22. x | :negative_squared_cross_mark: |
|
|
|
|
Please update to the latest version available. Major migrations are always tested before being pushed.
|
|
An up-to-date list of the currently maintained Nextcloud versions can also be found in the [Nextcloud Repository Wiki](https://github.com/nextcloud/server/wiki/Maintenance-and-Release-Schedule).
|
|
|
|
## Automated vulnerability scanning
|
|
|
|
Uploaded images are regularly scanned for [OS vulnerabilities](https://github.com/Wonderfall/docker-nextcloud/security/code-scanning).
|
|
|
|
## Reporting a vulnerability
|
|
|
|
*Upstream* vulnerabilities should be reported to *upstream* projects according to their own security policies.
|
|
|
|
Regarding vulnerabilities specific to this project:
|
|
- Faulty configuration files
|
|
- Unsafe defaults
|
|
- Dependencies security updates
|
|
|
|
Those can be disclosed in private to `dev@hoellen.eu`.
|