|
@@ -0,0 +1,20 @@
|
|
|
+# Security Policy
|
|
|
+
|
|
|
+## Supported Versions
|
|
|
+
|
|
|
+We only support the latest stable version for security issues.
|
|
|
+See the [releases page](https://github.com/minetest/minetest/releases).
|
|
|
+
|
|
|
+## Reporting a Vulnerability
|
|
|
+
|
|
|
+We ask that you report vulnerabilities privately, by contacting a core developer,
|
|
|
+to give us time to fix them. You can do that by emailing one of the following addresses:
|
|
|
+
|
|
|
+* celeron55@gmail.com
|
|
|
+* rubenwardy@minetest.net
|
|
|
+
|
|
|
+Depending on severity, we will either create a private issue for the vulnerability
|
|
|
+and release a patch version of Minetest, or give you permission to file the issue publicly.
|
|
|
+
|
|
|
+For more information on the justification of this policy, see
|
|
|
+[Responsible Disclosure](https://en.wikipedia.org/wiki/Responsible_disclosure).
|