summaryrefslogtreecommitdiff
path: root/SECURITY.md
blob: 76032e94e50f219ca583970ef8302c5a5ca8efc9 (plain) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44

# Security policy for Flatpak

 * [Supported Versions](#Supported-Versions)
 * [Reporting a Vulnerability](#Reporting-a-Vulnerability)
 * [Security Announcements](#Security-Announcements)
 * [Acknowledgements](#Acknowledgements)

## Supported Versions

In stable branches and released packages, this table is likely to be outdated;
please check
[the latest version](https://github.com/flatpak/flatpak/blob/main/SECURITY.md).

| Version  | Supported          | Status
| -------- | ------------------ | -------------------------------------------------------------- |
| 1.15.x   | :hammer:           | Development branch, releases may include non-security changes  |
| 1.14.x   | :white_check_mark: | Stable branch, recommended for use in distributions            |
| 1.13.x   | :x:                | Old development branch, no longer supported                    |
| 1.12.x   | :white_check_mark: | Old stable branch, still supported                             |
| 1.11.x   | :x:                | Old development branch, no longer supported                    |
| 1.10.x   | :white_check_mark: | Old stable branch, still supported                             |
| <= 1.9.x | :x:                | Older branches, no longer supported                            |

## Reporting a Vulnerability

If you think you've identified a security issue in Flatpak, please DO NOT
report the issue publicly via the GitHub issue tracker, mailing list,
Matrix, IRC or any other public medium. Instead, send an email with as
many details as possible to
[flatpak-security@lists.freedesktop.org](mailto:flatpak-security@lists.freedesktop.org).
This is a private mailing list for the Flatpak maintainers.

Please do **not** create a public issue.

## Security Announcements

The [flatpak@lists.freedesktop.org](mailto:flatpak@lists.freedesktop.org) email list is used for messages about
Flatpak security announcements, as well as general announcements and
discussions.
You can join the list [here](https://lists.freedesktop.org/mailman/listinfo/flatpak).

## Acknowledgements

This text was partially based on the [github.com/containers security policy](https://github.com/containers/common/blob/main/SECURITY.md).
View Lorry Controller Status