SECURITY.md

The latest release of qTox is supported. Any security fix will be added to a newversion on top of it.

Please report vulnerabilities by Tox toanthonybilinskiand sudden6.If that's not an option, please emailme@abilinski with GPG fingerprint7EB3 39FE 8817 47E7 01B7 D472 EBE3 6E66 A842 9B99 andsudden6@gmx.at with GPG fingerprintDA26 2CC9 3C0E 1E52 5AD2 1C85 9677 5D45 4B8E BF44.

We should get back to you within a week. If the vulnerability is qTox specificand accepted, there should be a new release addressing the vulnerability withina couple of weeks. If we disagree with the vulnerability analysis, we willanswer explaining our reasoning.

If the vulnerability is related to a dependency of qTox, we will follow thedisclosure policy of that project. If a fix from the project isn't imminent andit's possible, we will mitigate the issue in qTox.

There aren’t any published security advisories