mirror of
https://github.com/yuzu-emu/mbedtls.git
synced 2024-11-25 20:45:37 +01:00
a21abf249c
There was no mention of our security email address, nor of our security process, in the repo, which made them hard to discover for contributors. Also, this filename is recognized by github: https://docs.github.com/en/github/managing-security-vulnerabilities/adding-a-security-policy-to-your-repository Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
624 B
624 B
Reporting Vulneratibilities
If you think you have found an Mbed TLS security vulnerability, then please send an email to the security team at mbed-tls-security@lists.trustedfirmware.org.
Security Incident Handling Process
Our security process is detailled in our security center.
Its primary goal is to ensure fixes are ready to be deployed when the issue goes public.
Maintained branches
Only the maintained branches, as listed in BRANCHES.md, get security fixes. Users are urged to always use the latest version of a maintained branch.