Skip to content

Latest commit

 

History

History
20 lines (14 loc) · 1.29 KB

SECURITY.md

File metadata and controls

20 lines (14 loc) · 1.29 KB

Security Policy

Supported Versions

Version Supported Policy
29.x Supported branch (6 months from initial release)
28.x ⚠️ Maintenance branch (6 additional months)
27.x Unsupported (volunteers release as needed)
26.x Unsupported (volunteers release as needed)

Reporting a Vulnerability

As a Java library we often find vulnerabilities are reported by downstream (and thus user facing) projects.

  • GeoTools uses GitHub security option for private vulnerability reporting
  • To discuss vulnerabilities attend our bi-weekly video chat meeting (see developer list for meeting invite).
  • GeoTools is an Open Source Geospatial Foundation project, the geotools project officer can be emailed directly if you are unable to attend meeting above.

To allow downstream projects an opportunity to upgrade the GeoTools issue tracker uses placeholder issues (with no description or details). Details are added when fix is available in the supported and maintenance branches listed above.