Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Update SECURITY.md #974

Merged
merged 1 commit into from
May 15, 2020
Merged

Update SECURITY.md #974

Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
18 changes: 13 additions & 5 deletions SECURITY.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -6,15 +6,23 @@ We will keep the details of your security vulnerability report private and only

## Supported Versions

| Version | Branch | Supported |
| --------- | ---------------- | ------------------ |
| 1.9.4.4 | 1.9.4.x | :white_check_mark: |
| < 1.9.4.4 | 1.9.3.x, etc. | :x: |
| OpenMage LTS Tag | Magento Version | Branch | Supported |
| -------------------- | ----------------- | ---------------- | ------------------ |
| ~19.4.3 | 1.9.4.5 | 1.9.4.x | :white_check_mark: |
| - | <= 1.9.4.4 | multiple | :x: |

## Reporting a Vulnerability

To report a vulnerability, please *DO NOT* open a public Issue or Pull Request.

Please email your security vulnerability report to one of the project maintainers listed in the README.md file along with your Github user name so that once we create a security advisory you may be added to it as a collaborator for further collaboration.

We will review the advisory and work with you to find a suitable solution. We will disclose the vulnerability once a patch is prepared and ours community and partners have an easy path forward to apply the patch promptly. We will be sure to give you credit for the vulnerability discovery unless you request otherwise.
We will review the advisory and work with you to find a suitable solution. We will publicly disclose the vulnerability once a patch is prepared and our community and partners have an easy path forward to apply the patch promptly. We will be sure to give you credit for the vulnerability discovery unless you request otherwise.

## Limitation of Liability

As per section 8 of the [OSL 3.0 license](https://opensource.org/licenses/OSL-3.0) by which this source code is made available to the general public, we offer this source code only on a "use at your own risk" basis.

> 8) Limitation of Liability. Under no circumstances and under no legal theory, whether in tort (including negligence), contract, or otherwise, shall the Licensor be liable to anyone for any indirect, special, incidental, or consequential damages of any character arising as a result of this License or the use of the Original Work including, without limitation, damages for loss of goodwill, work stoppage, computer failure or malfunction, or any and all other commercial damages or losses. This limitation of liability shall not apply to the extent applicable law prohibits such limitation.

For the full text see `LICENSE.md`.