|
|
@@ -2,20 +2,21 @@
|
|
|
|
|
|
## Supported Versions
|
|
|
|
|
|
-Use this section to tell people about which versions of your project are
|
|
|
-currently being supported with security updates.
|
|
|
-
|
|
|
| Version | Supported |
|
|
|
| ------- | ------------------ |
|
|
|
-| 5.1.x | :white_check_mark: |
|
|
|
-| 5.0.x | :x: |
|
|
|
-| 4.0.x | :white_check_mark: |
|
|
|
-| < 4.0 | :x: |
|
|
|
+| 4.4.x | :white_check_mark: |
|
|
|
+| < 4.3 | :x: |
|
|
|
+
|
|
|
+## Reporting Security Issues
|
|
|
+
|
|
|
+If you believe you have found a security vulnerability in any GROWI related repository, **please do not report security vulnerabilities through public GitHub issues.**
|
|
|
+
|
|
|
+Instead, please report it to us using one of the methods described below.
|
|
|
|
|
|
-## Reporting a Vulnerability
|
|
|
+ * [Join our Slack team](https://growi-slackin.weseek.co.jp/) and send DM to `@yuki` who is the lead developer
|
|
|
+ * Report to JPCERT/CC ([en](https://www.jpcert.or.jp/english/ir/form.html)/[ja](https://www.jpcert.or.jp/form/))
|
|
|
|
|
|
-Use this section to tell people how to report a vulnerability.
|
|
|
+## Preferred Languages
|
|
|
|
|
|
-Tell them where to go, how often they can expect to get an update on a
|
|
|
-reported vulnerability, what to expect if the vulnerability is accepted or
|
|
|
-declined, etc.
|
|
|
+Communication in English and Japanese is possible.
|
|
|
+In Japanese, we can reply more quickly.
|
Yuki Takei