mirror of https://github.com/josh-berry/tab-stash
33 lines
1.1 KiB
Markdown
33 lines
1.1 KiB
Markdown
# Tab Stash Security Policy
|
|
|
|
## Supported Versions
|
|
|
|
Only the latest release is supported (regardless of distribution channel).
|
|
Supported distribution channels include:
|
|
|
|
- The official listing on [addons.mozilla.org][amo].
|
|
|
|
- Re-packaged/re-distributed copies of the latest version are supported, so long
|
|
as they are not patched and were built following the "release version" build
|
|
instructions in the README file.
|
|
|
|
[amo]: https://addons.mozilla.org/firefox/addon/tab-stash/
|
|
|
|
## Reporting a Vulnerability
|
|
|
|
Vulnerabilities may be reported in confidence via email to
|
|
`tab-stash@condordes.net`. Please put `[Tab Stash Security]` (including the
|
|
brackets) at the beginning of the subject.
|
|
|
|
When reporting a vulnerability, please provide as much detail as possible, and
|
|
include steps to reproduce the issue (just as if you were filing a normal bug
|
|
report).
|
|
|
|
Please note that because Tab Stash is a spare-time/"for fun" project:
|
|
|
|
- I cannot promise a fix by any particular time, though I will strive to address
|
|
any confirmed vulnerabilities as quickly as possible.
|
|
|
|
- I do not offer bug bounties or rewards/fees/etc. of any kind (other than my
|
|
sincere thanks).
|