Mercurial
comparison third_party/libuv/SECURITY.md @ 173:827c6ac504cd hg-web
Merged in default here.
| author | MrJuneJune <me@mrjunejune.com> |
|---|---|
| date | Mon, 19 Jan 2026 18:59:10 -0800 |
| parents | 948de3f54cea |
| children |
comparison
equal
deleted
inserted
replaced
| 151:c033667da5f9 | 173:827c6ac504cd |
|---|---|
| 1 # Security Policy | |
| 2 | |
| 3 ## Supported Versions | |
| 4 | |
| 5 Currently, we are providing security updates for the latest release in the v1.x series: | |
| 6 | |
| 7 | Version | Supported | | |
| 8 | ------- | ------------------ | | |
| 9 | Latest v1.x | :white_check_mark: | | |
| 10 | |
| 11 ## Reporting a Vulnerability | |
| 12 | |
| 13 If you believe you have found a security vulnerability in `libuv`, please use the [GitHub's private vulnerability reporting feature](https://docs.github.com/en/code-security/security-advisories/guidance-on-reporting-and-writing-information-about-vulnerabilities/privately-reporting-a-security-vulnerability#privately-reporting-a-security-vulnerability) in the [libuv repository](https://github.com/libuv/libuv) to report it to us. | |
| 14 | |
| 15 This will allow us to assess the risk, and make a fix available before we add a bug report to the GitHub repository. | |
| 16 | |
| 17 Please do: | |
| 18 | |
| 19 * Provide as much information as you can about the vulnerability. | |
| 20 * Provide details about your configuration and environment, if applicable. | |
| 21 | |
| 22 Please do not: | |
| 23 | |
| 24 * Post any information about the vulnerability in public places. | |
| 25 * Attempt to exploit the vulnerability yourself. | |
| 26 | |
| 27 We take all security bugs seriously. Thank you for improving the security of `libuv`. We appreciate your efforts and responsible disclosure and will make every effort to acknowledge your contributions. |