mirror of
https://github.com/BookStackApp/BookStack.git
synced 2026-05-04 18:08:46 +03:00
25 lines
1.3 KiB
Markdown
25 lines
1.3 KiB
Markdown
# Security Policy
|
|
|
|
## Supported Versions
|
|
|
|
Only the [latest version](https://codeberg.org/bookstack/bookstack/releases) of BookStack is supported.
|
|
We generally don't support older versions of BookStack due to maintenance effort and
|
|
since we aim to provide a fairly stable upgrade path for new versions.
|
|
|
|
## Security Notifications
|
|
|
|
If you'd like to be notified of new potential security concerns you can [sign-up to the BookStack security mailing list](https://updates.bookstackapp.com/signup/bookstack-security-updates).
|
|
|
|
## Reporting a Vulnerability
|
|
|
|
If you've found an issue that likely has no impact to existing users (For example, an issue only in the development branch)
|
|
feel free to raise it via a standard Codeberg bug report issue.
|
|
|
|
If the issue could have a security impact to BookStack instances,
|
|
please directly contact the lead maintainer via email Dan Brown using the [details found here](https://www.bookstackapp.com/links/contact/).
|
|
|
|
Please be patient while the vulnerability is being reviewed. Deploying the fix to address the vulnerability
|
|
can often take a little time due to the amount of preparation required, to ensure the vulnerability has
|
|
been covered, and to create the content required to adequately notify the user-base.
|
|
|
|
Thank you for keeping BookStack instances safe! |