[Python-checkins] 📝 Add a GitHub-specific security page (GH-13526)
Andrew Svetlov
webhook-mailer at python.org
Sat May 25 06:03:51 EDT 2019
https://github.com/python/cpython/commit/af570745fe3852a9ded0e723a7232e4cc0451e95
commit: af570745fe3852a9ded0e723a7232e4cc0451e95
branch: master
author: Sviatoslav Sydorenko <wk.cvs.github at sydorenko.org.ua>
committer: Andrew Svetlov <andrew.svetlov at gmail.com>
date: 2019-05-25T13:03:45+03:00
summary:
📝 Add a GitHub-specific security page (GH-13526)
* 📝 Add a GitHub-specific security page
It will show up @
https://github.com/python/cpython/security/policy
allowing to navigate users who get there from "Security" tab in the
GitHub repo to the full article explaining the security vulnerability
reporting practices.
Co-Authored-By: Hugo <hugovk at users.noreply.github.com>
files:
A .github/SECURITY.md
diff --git a/.github/SECURITY.md b/.github/SECURITY.md
new file mode 100644
index 000000000000..23976fda4a7e
--- /dev/null
+++ b/.github/SECURITY.md
@@ -0,0 +1,18 @@
+# Security Policy
+
+## Supported Versions
+
+The Python team applies security fixes according to the table in
+in [the devguide](
+https://devguide.python.org/#status-of-python-branches
+).
+
+## Reporting a Vulnerability
+
+Please read the guidelines on reporting security issues [on the
+official website](
+https://www.python.org/news/security/#reporting-security-issues-in-python
+) for instructions on how to report a security-related problem to
+the Python team responsibly.
+
+To reach the response team, email `security at python dot org`.
More information about the Python-checkins
mailing list