Skip to content

Security: wkliao/gio

Security

SECURITY.md

Security Policy

Security issues specific to the GIO code base itself have so far been rare. The issue label security is used to identify issues which manifest known security vulnerabilities.

Security issues, when discovered, follow the same process as any other bug fixes. Security issues are triaged and assessed for severity and likelihood. Work to correct security issues is then scheduled as appropriate.

Though the project has so far not encountered urgent security vulnerabilities, should any arise the project will use GitHub's security communication mechanisms to gather information.

In the event the GIO user community requires notification of a potential urgent security vulnerability, our intention is to provide an update on or about the same time we use our normal communication mechanisms to alert users.

Supported Versions

The supported version of GIO is the latest release. All releases of GIO can be found in release page.

Any security issues requiring immediate updates to GIO will be made available, at best, only in the latest release but might also only be made available in the next planned release. A planned release of GIO may be accelerated in order to address a security issue. On very rare occasions, the GIO project may re-release an already released version solely to address a specific or severe issue.

Reporting a Vulnerability

Generally, any issues with security implications should be submitted through the project's GitHub security Report a vulnerability button.

There aren't any published security advisories