Skip to content

Security: UNOG-Indico/indico-core

Security

SECURITY.md

Security Policy

Supported Versions

Indico uses the second part of the version number for major feature releases, ie. 3.1, 3.2, ...

Bugfixes are generally only released for the latest major version (e.g. 3.1.1 to fix bugs discovered in 3.1).

For security releases we usually follow the same schema. In exceptional cases where the previous version (e.g. 3.0) is still somewhat recent and thus widely used AND no suitable workarounds exist, we may also create a patch release for that version.

Reporting a Vulnerability

Please report it privately using GitHub's "Report a Vulnerability" option. In case you do not have a GitHub account, you can also email indico-team@cern.ch.

There aren’t any published security advisories