Skip to content

Security: sander/docpkg

Security policy

Supported versions

Currently only snapshot versions are available. Any vulnerability should be mitigated in a next snapshot version.

Reporting a vulnerability

Report vulnerabilities to Sander in private, mentioning the project name in the mail subject header. Indicate if and how you want to be identified when publishing about the vulnerability. Expect to get a response within 7 days, but usually within 48 hours, indicating whether the report is accepted. I make my best effort to share fixes for vulnerabilities and publish about the reports when appropriate.

There aren’t any published security advisories