security
Differences
This shows you the differences between two versions of the page.
Both sides previous revisionPrevious revisionNext revision | Previous revision | ||
security [2019/11/04 08:31] – add explicit FFI clause krakjoe | security [2024/01/30 17:35] (current) – derick | ||
---|---|---|---|
Line 5: | Line 5: | ||
* Version: 1.0.1 | * Version: 1.0.1 | ||
* RFC: [[rfc: | * RFC: [[rfc: | ||
+ | |||
+ | < | ||
====== Introduction ====== | ====== Introduction ====== | ||
Line 78: | Line 80: | ||
* requires the use of code or settings known to be insecure | * requires the use of code or settings known to be insecure | ||
* requires the use of FFI | * requires the use of FFI | ||
+ | * requires an open_basedir bypass | ||
Line 85: | Line 88: | ||
Low severity fixes are merged immediately after the fix is available and handled like all regular bugs are handled consequently. However, release managers may choose to pull those fixes into the RC branch after the branch is created, and also backport them into security-only release branch. | Low severity fixes are merged immediately after the fix is available and handled like all regular bugs are handled consequently. However, release managers may choose to pull those fixes into the RC branch after the branch is created, and also backport them into security-only release branch. | ||
+ | |||
====== FAQ ====== | ====== FAQ ====== | ||
Q. How do I report a security issue?\\ | Q. How do I report a security issue?\\ | ||
- | A. Please report it on http:// | + | A. Please report it on http:// |
Q. What do you consider a responsible disclosure? | Q. What do you consider a responsible disclosure? |
security.1572856290.txt.gz · Last modified: 2019/11/04 08:31 by krakjoe