From 9275e0cd82be905daeea95b26e02b0ae18426ea7 Mon Sep 17 00:00:00 2001 From: Trevor Brown Date: Wed, 26 Feb 2020 16:40:27 -0500 Subject: [PATCH] Clarify scope of SECURITY.md Clarify scope of SECURITY.md, also update my contact info. --- SECURITY.md | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/SECURITY.md b/SECURITY.md index bd126a7f..77715ca4 100644 --- a/SECURITY.md +++ b/SECURITY.md @@ -1,9 +1,11 @@ # Security Policy +**This security policy only applies to asdf core, which is the code contained in this repository. All plugins are the responsibility of their creators and are not covered under this security policy.** + ## Supported Versions Typically only the latest version is maintained. Versions are -released sequencially, with major, minor, and patch versions incremented +released sequentially, with major, minor, and patch versions incremented as necessary. If a vulnerability is found in an old version of asdf, updating to the latest version of asdf will be required. @@ -22,6 +24,6 @@ updating to the latest version of asdf will be required. To report a vulnerability please contact one of: -* @Stratus3D via email: admin [at] stratus3d.com - PGP is not setup for this email address. +* @Stratus3D via email: see https://stratus3d.com/contact/ for email. PGP is not setup for this email address. * @danhper via email: see https://daniel.perez.sh/ for email and PGP key * TODO: Add secure contact methods of others on the core team.