Skip to content
This repository has been archived by the owner on Mar 11, 2022. It is now read-only.

Security: healthIMIS/sormas-issuetracker

Security

SECURITY.md

Security Policy

This document describes the security policy and reporting procedures for the GitHub Issue Tracker project.

If you want to report a bug which is not security sensible, please submit an issue.

Reporting a Security Issue

Our team takes all security issues in our code seriously.
If you want to report a security issue we appreciate your effort and kindly ask you to submit a responsible disclosure.
Unfortunately, IMIS does not offer a bug bounty program or other forms of monetary compensation. However, we can acknowledge your effort publicly in the GitHub project.
Thank you for improving the security of the GitHub Issue Tracker project!

Report security issues via email at [email protected].

The IMIS team acknowledges your email within two days and will further respond in detail within three days, explaining the induced actions.
Our security team will keep you up to date of the progress towards fixing the vulnerability and may ask you for additional information.

Please report security issues in third-party dependencies to the person or team maintaining the project for this dependency.

Responsible Disclosure Policy

When we receive a security bug report, we will assign it to a person who handles your disclosure.
This person is responsible for the following steps of the fix process:

  • Confirm the problem and identify affected versions
  • Audit code for finding similarproblems
  • Develop fixes for all affected versions
  • Release fixes as quick as possible

Suggestions for this Policy

Feedback on this policy and the process is welcome and if you want to suggest how to improve it, we kindly ask you to submit a pull request.

There aren’t any published security advisories