.forgejo/SECURITY.md

# Security Policy

## Supported Versions

Only the [latest version](https://codeberg.org/bookstack/bookstack/releases) of BookStack is supported.
We generally don't support older versions of BookStack due to maintenance effort and
since we aim to provide a fairly stable upgrade path for new versions.

## Security Notifications

If you'd like to be notified of new potential security concerns you can [sign-up to the BookStack security mailing list](https://updates.bookstackapp.com/signup/bookstack-security-updates).

## Reporting a Vulnerability

If you've found an issue that likely has no impact to existing users (For example, an issue only in the development branch)
feel free to raise it via a standard Codeberg bug report issue.

If the issue could have a security impact to BookStack instances, 
please directly contact the lead maintainer via email Dan Brown using the [details found here](https://www.bookstackapp.com/links/contact/).

Please be patient while the vulnerability is being reviewed. Deploying the fix to address the vulnerability
can often take a little time due to the amount of preparation required, to ensure the vulnerability has
been covered, and to create the content required to adequately notify the user-base.

Thank you for keeping BookStack instances safe!
Added security policy md file 2021-10-26 16:09:41 +01:00			`# Security Policy`

			`## Supported Versions`

Meta: Converted GitHub references in codebase to Codeberg 2026-04-28 09:30:48 +01:00			`Only the [latest version](https://codeberg.org/bookstack/bookstack/releases) of BookStack is supported.`
Added security policy md file 2021-10-26 16:09:41 +01:00			`We generally don't support older versions of BookStack due to maintenance effort and`
			`since we aim to provide a fairly stable upgrade path for new versions.`

			`## Security Notifications`

			`If you'd like to be notified of new potential security concerns you can [sign-up to the BookStack security mailing list](https://updates.bookstackapp.com/signup/bookstack-security-updates).`

			`## Reporting a Vulnerability`

Meta: Updated security info and fixed some tests/links 2026-04-30 00:32:27 +01:00			`If you've found an issue that likely has no impact to existing users (For example, an issue only in the development branch)`
			`feel free to raise it via a standard Codeberg bug report issue.`
Added security policy md file 2021-10-26 16:09:41 +01:00
Update SECURITY.md Remove huntr 2023-10-19 17:12:18 +02:00			`If the issue could have a security impact to BookStack instances,`
Meta: Updated security info and fixed some tests/links 2026-04-30 00:32:27 +01:00			`please directly contact the lead maintainer via email Dan Brown using the [details found here](https://www.bookstackapp.com/links/contact/).`
Added security policy md file 2021-10-26 16:09:41 +01:00
			`Please be patient while the vulnerability is being reviewed. Deploying the fix to address the vulnerability`
			`can often take a little time due to the amount of preparation required, to ensure the vulnerability has`
			`been covered, and to create the content required to adequately notify the user-base.`

Meta: Updated security info and fixed some tests/links 2026-04-30 00:32:27 +01:00			`Thank you for keeping BookStack instances safe!`