SECURITY.md

Coreax is supported on a best endeavours basis. Patches will be applied to thelatest version rather than retroactively to older versions. To ensure you are usingthe most secure version of Coreax, please make sure you have thelatest release.

Disclosures of vulnerabilities in Coreax are always welcomed. Whilst we aim to writeclean and secure code free from bugs, we recognise that this is an open source project,relying on other of open source libraries that are modified and updated on a regularbasis. We hope that the community will continue to support us as we endeavour tomaintain and develop this tool together.

If you believe that you have identified a potential vulnerability in the code base,please report this promptly tooss@gchq.gov.uk. Pleasedescribe the problem in as much detail as possible, ideally with examples. Each reportwill be dealt with on a case-by-case basis. You will receive regular communication onthe resolution and progress of your report.

There aren’t any published security advisories