This is the security policy for Gamma Web Server.
| Version | Supported | Date Released |
|---|---|---|
| 1.4.1 | ✅ | January 13th, 2024 |
| 1.4 (LTS) | ✅ | January 12th, 2024 |
| 1.3 | ❌ | June 29th, 2023 |
| 1.2 | ❌ | June 27th, 2023 (e673abe) |
| 1.1 | ❌ | December 24th, 2022 |
| 1.0 | ❌ | December 23rd, 2022 |
| Version | Supported | Date Released |
|---|---|---|
| 1.4.0-beta.2 | ❌ | November 6th, 2023 |
| 1.4.0-beta.1 | ❌ | October 20th, 2023 |
| 1.3.0-rc1/2 | ❌ | June 28th, 2023 |
We take the security of our software seriously and appreciate the efforts of the community in improving it. If you discover a security vulnerability, we kindly request that you follow our responsible disclosure process.
To report a security vulnerability, please follow these steps:
- Do not publicly disclose the vulnerability or related details.
- Send an email to recon at [email protected] with a detailed description of the vulnerability. Please include information such as the impact and potential exploit scenarios.
- The email should be acknowledged within 2-3 days and recon may request additional information or clarification if needed.
- We aim to respond to vulnerability reports and provide updates on the progress of addressing them in a timely manner.
- If desired, you will be publicly acknowledged for your contribution once the vulnerability is resolved.
We kindly request that you adhere to responsible disclosure practices when reporting security vulnerabilities:
- Refrain from publicly disclosing the vulnerability before it has been resolved.
- Avoid actively exploiting the vulnerability or performing any malicious actions.
- Do not modify, access, or delete any data without explicit authorization.
We appreciate your dedication to protecting the security and integrity of our software and its users. As a token of our gratitude, we may consider providing rewards or recognition for responsibly disclosed security vulnerabilities, subject to our discretion.
Thank you for contributing to the security of Gamma Web Server.