You are viewing a plain text version of this content. The canonical link for it is here.

Posted to commits@logging.apache.org by ma...@apache.org on 2020/08/23 18:31:29 UTC

[logging-log4j2] branch release-2.x updated: Create SECURITY.md

This is an automated email from the ASF dual-hosted git repository.

mattsicker pushed a commit to branch release-2.x
in repository https://gitbox.apache.org/repos/asf/logging-log4j2.git


The following commit(s) were added to refs/heads/release-2.x by this push:
     new 661fdca  Create SECURITY.md
661fdca is described below

commit 661fdcacf1b1658f871514af69e566607b9b4d92
Author: Matt Sicker <bo...@gmail.com>
AuthorDate: Sun Aug 23 13:30:57 2020 -0500

    Create SECURITY.md
---
 SECURITY.md | 13 +++++++++++++
 1 file changed, 13 insertions(+)

diff --git a/SECURITY.md b/SECURITY.md
new file mode 100644
index 0000000..f6dbd02
--- /dev/null
+++ b/SECURITY.md
@@ -0,0 +1,13 @@
+# Security Policy
+
+## Supported Versions
+
+Only the most recent release of Apache Log4j 2 is supported.
+
+## Reporting a Vulnerability
+
+If you have encountered an unlisted security vulnerability or other unexpected behaviour that has security impact, please report them privately to the [Log4j Security Team](mailto:private@logging.apache.org).
+
+## Past Vulnerabilities
+
+See [Apache Log4j Security Vulnerabilities](https://logging.apache.org/log4j/2.x/security.html).