You are viewing a plain text version of this content. The canonical link for it is here.

Posted to commits@logging.apache.org by ma...@apache.org on 2020/08/23 18:31:02 UTC

[logging-log4j2] branch master updated: Create SECURITY.md

This is an automated email from the ASF dual-hosted git repository.

mattsicker pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/logging-log4j2.git


The following commit(s) were added to refs/heads/master by this push:
     new f4461e0  Create SECURITY.md
f4461e0 is described below

commit f4461e0d4f237abca37a55c857d1cb62d1d633a3
Author: Matt Sicker <bo...@gmail.com>
AuthorDate: Sun Aug 23 13:30:57 2020 -0500

    Create SECURITY.md
---
 SECURITY.md | 13 +++++++++++++
 1 file changed, 13 insertions(+)

diff --git a/SECURITY.md b/SECURITY.md
new file mode 100644
index 0000000..f6dbd02
--- /dev/null
+++ b/SECURITY.md
@@ -0,0 +1,13 @@
+# Security Policy
+
+## Supported Versions
+
+Only the most recent release of Apache Log4j 2 is supported.
+
+## Reporting a Vulnerability
+
+If you have encountered an unlisted security vulnerability or other unexpected behaviour that has security impact, please report them privately to the [Log4j Security Team](mailto:private@logging.apache.org).
+
+## Past Vulnerabilities
+
+See [Apache Log4j Security Vulnerabilities](https://logging.apache.org/log4j/2.x/security.html).