| Message ID | 20251119170906.1342632-1-ibr@radix50.net |
|---|---|
| State | New |
| Headers | show
Return-Path: <isar-users+bncBDUZ3AGJYYHBBNPT67EAMGQEPFTLLEA@googlegroups.com>
Received: from shymkent.ilbers.de ([unix socket])
by shymkent (Cyrus 2.5.10-Debian-2.5.10-3+deb9u2) with LMTPA;
Wed, 19 Nov 2025 18:09:17 +0100
X-Sieve: CMU Sieve 2.4
Received: from mail-lf1-f63.google.com (mail-lf1-f63.google.com
[209.85.167.63])
by shymkent.ilbers.de (8.15.2/8.15.2/Debian-8+deb9u1) with ESMTPS id
5AJH9Gv9005336
(version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT)
for <iupwgm@isar-build.org>; Wed, 19 Nov 2025 18:09:16 +0100
Received: by mail-lf1-f63.google.com with SMTP id
2adb3069b0e04-5943838a6a3sf4291506e87.1
for <iupwgm@isar-build.org>; Wed, 19 Nov 2025 09:09:16 -0800 (PST)
ARC-Seal: i=2; a=rsa-sha256; t=1763572151; cv=pass;
d=google.com; s=arc-20240605;
b=a3uWUALj6AA3Un8FEzMymlP9gzEYYdo6zlFazyeyhLtTxWtEwTihz/DPmmn9sY6ENP
THyprzKU66NVkv3lWiXorChFVzpDz8chx03IH05Hum28Qq53MHKgfm+NmnUkbxa5koZU
CcaAU+31NV8RPER/EIDB6Kp37y+HII0B1Qo/F3b1s3DZz5RmZyLq8guVxs8alwYJbxtA
+PfkDvf0WscfsU9eu0s2pXYZd5GhY3tdtRp5oYs6tMCQqNy6E0xxIhksxtoCVoH8h8m5
yOVhia9uTo0IAxqP9a3YfJbHO3b9RnKjEN5o14whG5YmyVbpNPm7/dPWReIcrWQcUL4L
WA/g==
ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com;
s=arc-20240605;
h=list-unsubscribe:list-subscribe:list-archive:list-help:list-post
:list-id:mailing-list:precedence:mime-version:message-id:date
:subject:to:from:sender:dkim-signature;
bh=zPyhlgzV14P5Dgb++HGpGaDb17whm9tfatMlQ7heY1U=;
fh=Ur9bIMpWTh8IfzR68LL4hNgN1Oe0EKt6vGv8MwOpaC0=;
b=aRSPeS5dU+Ao+qHH/EgrGMRc1iVQa8XFM2CTVWt+Y4mL3mmvKX2tR9ESd4k0+qPdpr
CU44nqPgmEh7Zz7gnYRUzcVOpvCVAXT3OFcZ2rtHQZ4/dAl9mzEB+eACj1guheuE3uuv
TsofRVLaFmnw+itTDD1s8Humh23c73WYVVh4oJ5yaIY6aThzpMIIbB7f7nrZ/qXtflWl
aKcQW2tYYVS2RNay6RAvQxfs1WRvjRvC8gCsCONyytOEK2LzC9++FqxllKz8euR4n4j/
R3E3xkHfCPJN4H6zrGlBap2HGsKmEWcYvZ8b2hzWU0cYbsLTA+1N0x/R9+pB3cqLoTSI
jJpw==;
darn=isar-build.org
ARC-Authentication-Results: i=2; gmr-mx.google.com;
spf=pass (google.com: domain of ibr@radix50.net designates
85.214.156.166 as permitted sender) smtp.mailfrom=ibr@radix50.net
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
d=googlegroups.com; s=20230601; t=1763572151; x=1764176951;
darn=isar-build.org;
h=list-unsubscribe:list-subscribe:list-archive:list-help:list-post
:list-id:mailing-list:precedence:x-original-authentication-results
:x-original-sender:mime-version:message-id:date:subject:to:from
:sender:from:to:cc:subject:date:message-id:reply-to;
bh=zPyhlgzV14P5Dgb++HGpGaDb17whm9tfatMlQ7heY1U=;
b=ahe4Ru+m0ig6FiAXsW61bBd3BiP0tiIepbXWmIuW1e2zOFWPSQZECVfkIuwNWDungP
uPNfstOseEtKTeH3QK7RLedY5Z/Y7pNfQg27gWW0EjEqztWCmxhgv+YIvxljOB1PDaFI
2RmtlR8lts6IlQ425fzV1tR7lzBuNPw+ozZMTloypeLFE9ONxf//yZsloCbUd31h7+aj
xsDLfu7q3Drf3uZVlS623n2tZpIudHrOBzlJox5X8UhNWT6h/1FwUg4ryZMqjnlHAa2m
hDyGjG7hTUWAFAzMFlkd96sEi8tC0uobwG0iLDgWJRiaf5M0j1DCgEh87WvfTkHb2AKJ
UNhA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
d=1e100.net; s=20230601; t=1763572151; x=1764176951;
h=list-unsubscribe:list-subscribe:list-archive:list-help:list-post
:x-spam-checked-in-group:list-id:mailing-list:precedence
:x-original-authentication-results:x-original-sender:mime-version
:message-id:date:subject:to:from:x-beenthere:x-gm-message-state
:sender:from:to:cc:subject:date:message-id:reply-to;
bh=zPyhlgzV14P5Dgb++HGpGaDb17whm9tfatMlQ7heY1U=;
b=UKNtjtyGl1es/25JVuWr0ya0H6VKEGJvGM5cPgoxqGk9xWDTcYTMsytHKAbb2vdZz/
1dHkh1tNRFaCNJr/mPr05xD1Ye4qHcMStbD3KvdC3X/ZCBccqduEZCW4g1NLDN/KRc9p
7yYCSAerHXHijS1OB/80p/wEvIHMFG4ERA2aSCiUmfFRBOYa4+nk0v7+F/OI26mFfq4U
6p0uSHeTfFacKZyX8UmYjUGPPJ00bJqUinMNYIYy0RLBN77MiDIse9F719oFHyYSu8uk
9gtUXtgn+jnv9yVh0vOcVXtqH1sduzMT9WKiEjIcbFzdIxZuk+N0G8IDuJrNA0F97IPu
QWyQ==
Sender: isar-users@googlegroups.com
X-Forwarded-Encrypted: i=2;
AJvYcCXPvqHYorMKgh81kW48gTQ+9BjyuSmFB5yMsywakhCRRNdumqzH83tkh7hWDAbVlHUlEF5S8Qg=@isar-build.org
X-Gm-Message-State: AOJu0YykobC3J9ha3aRogHrEta9sIvcL77pwGb/+j6xBITsq+oOKxpuv
Mn3CF/HFLxrcIT68lByV1YQKHheXAiR2w4qJ1gC91QqXMMjKqW9JJ/fG
X-Google-Smtp-Source:
AGHT+IHtRMaieXK4IYQR/ssjEcpWg0zW/2E7RI9aE5zmlWKl0ZTC6Vax4fQPmcltz55vCl51d9XYtA==
X-Received: by 2002:a05:6512:1251:b0:595:8258:ccc4 with SMTP id
2adb3069b0e04-59584262dcdmr7225941e87.47.1763572150594;
Wed, 19 Nov 2025 09:09:10 -0800 (PST)
X-BeenThere: isar-users@googlegroups.com;
h="Ae8XA+atG1zMh+Gb4Hkw2uHbiWV2bxikDzGU+bX9AMwdGYiP+A=="
Received: by 2002:a05:6512:3415:b0:596:9d0f:f9e5 with SMTP id
2adb3069b0e04-5969d0ffadbls128109e87.0.-pod-prod-04-eu; Wed, 19 Nov 2025
09:09:07 -0800 (PST)
X-Received: by 2002:a05:651c:31da:b0:37b:ba8d:c0db with SMTP id
38308e7fff4ca-37cc6748a43mr728421fa.4.1763572147553;
Wed, 19 Nov 2025 09:09:07 -0800 (PST)
ARC-Seal: i=1; a=rsa-sha256; t=1763572147; cv=none;
d=google.com; s=arc-20240605;
b=R9yq5wIOjoQXueuLXj5cqxE+pFQd4uqh1FY3oaKDQ6D3JahJaJG3A0+vdsWoiYxxq6
/YESC2zQ+WVVWL4LPVZAyIpgHrYRXcZqK7WY/LZjB9aBoIDdehjsrCfWV1D4rx+9wNqj
eV7mKv7Npj3r9lqy0Ls2MD8XUO20tWdID7Um+YOt7B38oNY0M++BNI/dWk7TvFh9nwDA
9qnR88JMkxL5WL9LgoJkUKjQh1EqCU8dh4NBQ0jBrPEoqrVUkiiCZXfBqi0j3559InA6
pvqKW9C+gY4JlIJZDoax5Hl6iJQ8VGa6c1r1LI8km4HPab4Ur6nb8GKWoSZKuaZXFgoC
/CGA==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com;
s=arc-20240605;
h=content-transfer-encoding:mime-version:message-id:date:subject:to
:from;
bh=5iZITJk40kBMrPJDWozxPzVseTk1ewoFkAXH49L04Gw=;
fh=7tclEdh7YbwSQowgJ6LNq720O7H5HTEaqj22NJWRE2E=;
b=kWVF3g0+rmnj9o0+Qe2LmM8dEbphcRnzgvPS7P2zvHFwh4aowDCT7GbWwxAH+GBYB2
lIQv/loFsQiELYqH3lYtoh+jZSPnTOU9Q+4b8YUhqomyfJtmftgkM+YBNkQexTYApIo3
/4IFon+0kf1YKGmmZohDtVSJzcPHi2/WM4A8LAfySAmn69dkILuJcyLCSGkcgIJpSCfy
4EuUx5s7TDyAY4UUapLWtUqWUHD9rA/xWhDkhAqg+n4YPq8xr0ecTNheC4n4+QhVhiL+
1d9h0kU7bHrgoTi8jh+M172SjFV48l1mkfZKRXTEnUkh8moCdCXB2JP6PMSxIVrYx2iM
/9Qg==;
dara=google.com
ARC-Authentication-Results: i=1; gmr-mx.google.com;
spf=pass (google.com: domain of ibr@radix50.net designates
85.214.156.166 as permitted sender) smtp.mailfrom=ibr@radix50.net
Received: from shymkent.ilbers.de (shymkent.ilbers.de. [85.214.156.166])
by gmr-mx.google.com with ESMTPS id
38308e7fff4ca-37b9cec7909si3682151fa.7.2025.11.19.09.09.07
for <isar-users@googlegroups.com>
(version=TLS1_2 cipher=ECDHE-ECDSA-CHACHA20-POLY1305 bits=256/256);
Wed, 19 Nov 2025 09:09:07 -0800 (PST)
Received-SPF: pass (google.com: domain of ibr@radix50.net designates
85.214.156.166 as permitted sender) client-ip=85.214.156.166;
Received: from abai.m.ilbers.de ([88.130.203.42])
(authenticated bits=0)
by shymkent.ilbers.de (8.15.2/8.15.2/Debian-8+deb9u1) with ESMTPA id
5AJH96j7005330
for <isar-users@googlegroups.com>; Wed, 19 Nov 2025 18:09:06 +0100
From: Baurzhan Ismagulov <ibr@radix50.net>
To: isar-users@googlegroups.com
Subject: [PATCH v2] Add security policy
Date: Wed, 19 Nov 2025 18:09:06 +0100
Message-Id: <20251119170906.1342632-1-ibr@radix50.net>
X-Mailer: git-send-email 2.39.5
MIME-Version: 1.0
X-Spam-Status: No, score=-4.6 required=5.0 tests=DKIMWL_WL_MED,DKIM_SIGNED,
DKIM_VALID,DKIM_VALID_EF,HEADER_FROM_DIFFERENT_DOMAINS,
MAILING_LIST_MULTI,RCVD_IN_DNSWL_BLOCKED,RCVD_IN_MSPIKE_H2,
RCVD_IN_RP_CERTIFIED,RCVD_IN_RP_RNBL,RCVD_IN_RP_SAFE,SPF_PASS
autolearn=unavailable autolearn_force=no version=3.4.2
X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on shymkent.ilbers.de
X-Original-Sender: ibr@radix50.net
X-Original-Authentication-Results: gmr-mx.google.com; spf=pass
(google.com: domain of ibr@radix50.net designates 85.214.156.166 as permitted
sender) smtp.mailfrom=ibr@radix50.net
Content-Type: text/plain; charset="UTF-8"
Precedence: list
Mailing-list: list isar-users@googlegroups.com;
contact isar-users+owners@googlegroups.com
List-ID: <isar-users.googlegroups.com>
X-Spam-Checked-In-Group: isar-users@googlegroups.com
X-Google-Group-Id: 914930254986
List-Post: <https://groups.google.com/group/isar-users/post>,
<mailto:isar-users@googlegroups.com>
List-Help: <https://groups.google.com/support/>,
<mailto:isar-users+help@googlegroups.com>
List-Archive: <https://groups.google.com/group/isar-users
List-Subscribe: <https://groups.google.com/group/isar-users/subscribe>,
<mailto:isar-users+subscribe@googlegroups.com>
List-Unsubscribe:
<mailto:googlegroups-manage+914930254986+unsubscribe@googlegroups.com>,
<https://groups.google.com/group/isar-users/subscribe>
X-getmail-retrieved-from-mailbox: =?utf-8?q?INBOX?=
|
| Series |
[v2] Add security policy
|
expand
|
diff --git a/SECURITY.md b/SECURITY.md new file mode 100644 index 00000000..2ba12ff8 --- /dev/null +++ b/SECURITY.md @@ -0,0 +1,21 @@ +# Security Policy + +## Supported Versions + +Security updates will only be provided on top of the `master` branch. + +## Reporting a Vulnerability + +Please DO NOT report any potential security vulnerability via a public channel +(mailing list, github issue, etc.). Instead, create a report via +https://github.com/ilbers/isar/security/advisories/new or contact the +maintainers by email at security@isar-build.org. Please provide a detailed +description of the issue, the steps to reproduce it, the affected versions and, +if already available, a proposal for a fix. You should receive a response +within 15 business days. If for some reason you do not, please follow up by +email to ensure we received your original message. + +If we confirm the issue as a vulnerability, we will open a Security Advisory on +github and give credits for your report if desired. We follow the coordinated +vulnerability disclosure model and will define an appropriate disclosure +timeline together with you.