| commit | author | age | ||
| a4d46a | 1 | # Security Policy |
| MN | 2 | |
| 3 | ## Supported Versions | |
| 4 | ||
| 5 | The OpenIndiana project commits to providing fixes or mitigations to each | |
| 6 | and every security vulnerability in software we provide. List of source | |
| 7 | code repositories of software we develop is to be found in the | |
| 8 | [documentation](https://docs.openindiana.org/dev/building-openindiana/#source-repositories). | |
| 9 | ||
| 10 | Note that most of the software we deliver is developed independently and | |
| 11 | we merely distribute it. As such the original software author should be made | |
| 12 | aware about a potential security issue. | |
| 13 | ||
| 14 | Priority with which we handle security issues is based on the severity | |
| 15 | of the issue. | |
| 16 | ||
| 17 | OpenIndiana is a rolling release distribution and has only one maintained | |
| 18 | branch called *hipster*. Other (historical) branches are not supported. | |
| 19 | ||
| 20 | ## Reporting a Vulnerability | |
| 21 | ||
| 22 | If you are aware of a security vulnerability in software delivered by | |
| 23 | the OpenIndiana project, please send us an email to security@openindiana.org. | |
| 24 | Thank you! | |
| 25 | ||
| 26 | Also see the [Security Issues](https://www.openindiana.org/community/security-issues/) | |
| 27 | page on our website. | |
