You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@logging.apache.org by ma...@apache.org on 2020/08/23 18:31:29 UTC
[logging-log4j2] branch release-2.x updated: Create SECURITY.md
This is an automated email from the ASF dual-hosted git repository.
mattsicker pushed a commit to branch release-2.x
in repository https://gitbox.apache.org/repos/asf/logging-log4j2.git
The following commit(s) were added to refs/heads/release-2.x by this push:
new 661fdca Create SECURITY.md
661fdca is described below
commit 661fdcacf1b1658f871514af69e566607b9b4d92
Author: Matt Sicker <bo...@gmail.com>
AuthorDate: Sun Aug 23 13:30:57 2020 -0500
Create SECURITY.md
---
SECURITY.md | 13 +++++++++++++
1 file changed, 13 insertions(+)
diff --git a/SECURITY.md b/SECURITY.md
new file mode 100644
index 0000000..f6dbd02
--- /dev/null
+++ b/SECURITY.md
@@ -0,0 +1,13 @@
+# Security Policy
+
+## Supported Versions
+
+Only the most recent release of Apache Log4j 2 is supported.
+
+## Reporting a Vulnerability
+
+If you have encountered an unlisted security vulnerability or other unexpected behaviour that has security impact, please report them privately to the [Log4j Security Team](mailto:private@logging.apache.org).
+
+## Past Vulnerabilities
+
+See [Apache Log4j Security Vulnerabilities](https://logging.apache.org/log4j/2.x/security.html).