mirror of
https://github.com/openzfs/zfs.git
synced 2026-07-16 17:27:25 +02:00
0467ba01ce
CodeQL / Analyze (cpp) (push) Has been cancelled
unit-tests / unit-tests (push) Has been cancelled
checkstyle / checkstyle (push) Has been cancelled
CodeQL / Analyze (python) (push) Has been cancelled
smatch / smatch (push) Has been cancelled
zfs-arm / ZFS ARM build (push) Has been cancelled
zfs-qemu / Setup (push) Has been cancelled
zloop / zloop (push) Has been cancelled
zfs-qemu / qemu-x86 (push) Has been cancelled
zfs-qemu / Cleanup (push) Has been cancelled
Add a basic SECURITY.md file to establish the repository's security reporting policy. Includes guidance for reporting security issues and what to expect. Reviewed-by: Allan Jude <allan@klarasystems.com> Reviewed-by: George Melikov <mail@gmelikov.ru> Signed-off-by: Brian Behlendorf <behlendorf1@llnl.gov> Closes #18766
1.0 KiB
1.0 KiB
Security Policy
Reporting a Vulnerability
We encourage responsible disclosure of security vulnerabilities. If you find something suspicious, we encourage and appreciate your report.
The preferred way to report a vulnerability is to use the "Report a vulnerability" button under the Security tab of the OpenZFS GitHub repository. This creates a private communication channel between you and the maintainers, allowing us to review the report confidentially and respond as quickly as possible.
Please include, if possible:
- A clear description of the issue
- Steps to reproduce the problem
- Affected versions or branches
- Any proof of concept, logs, or screenshots
- Your assessment of the potential impact
What to Expect
- We will review security reports as soon as practical.
- We may ask follow-up questions to better understand the issue.
- Please allow time for investigation and coordination before public disclosure.
- If the issue is confirmed, we will work on a fix and release a security update as needed for supported OpenZFS versions.