Movatterモバイル変換

[0]ホーム
URL:

Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly

 Sign up
Appearance settings
/gogsPublic

Security: gogs/gogs

SECURITY.md

Supported versions

Only the latest minor version releases are supported (>= 0.13) for accepting vulnerability reports and patching fixes.

Existing vulnerability reports are being tracked inGitHub Security Advisories.

Vulnerability lifecycle

Important

StartingNov 9, 2023 00:00 UTC, only security vulnerabilities reported throughGitHub Security Advisories are accepted.Pre-existing vulnerability reported throughhttps://huntr.dev/ or email (security@gogs.io) will continue to be worked through.

  1. Report an advisory for the vulnerability.
    • Please be aware thatonly advisories reported in plain English will be reviewed.
  2. Project maintainers review the advisory:
    • Ask clarifying questions
    • Make sure there was no prior advisory exists for the same vulnerability
    • Confirm or deny the vulnerability
  3. Once the advisory is accepted, the reporter may submit a patch or wait for project maintainers to patch.
    • The latter is usually significantly slower.
  4. Patch releases will be made for the supported versions.
  5. After 14 days of the release, publish the corresponding advisory onGitHub Security Advisories.

Thank you for making open source community a better place!

Previous13
Learn more about advisories related togogs/gogs in theGitHub Advisory Database
[8]ページ先頭
©2009-2025 Movatter.jp