Welcome to mirror list, hosted at ThFree Co, Russian Federation.

github.com/dotnet/runtime.git - Unnamed repository; edit this file 'description' to name the repository.
summaryrefslogtreecommitdiff
path: root/SECURITY.md
diff options
context:
space:
mode:
authordotnet-bot <dotnet-bot@microsoft.com>2019-11-14 03:26:19 +0300
committerdotnet-bot <dotnet-bot@microsoft.com>2019-11-14 03:26:19 +0300
commit381372f6f12884caee5bb90f52649040827e19cc (patch)
treeb8566ffcc1c4c2daa3cdbf1eebbfb8ac14a7718c /SECURITY.md
Initial runtime repository structure
Diffstat (limited to 'SECURITY.md')
-rw-r--r--SECURITY.md15
1 files changed, 15 insertions, 0 deletions
diff --git a/SECURITY.md b/SECURITY.md
new file mode 100644
index 00000000000..92d052767fc
--- /dev/null
+++ b/SECURITY.md
@@ -0,0 +1,15 @@
+# Security Policy
+
+## Supported Versions
+
+The .NET Core and ASP.NET Core support policy, including supported versions can be found at the [.NET Core Support Policy Page](https://dotnet.microsoft.com/platform/support/policy/dotnet-core).
+
+## Reporting a Vulnerability
+
+Security issues and bugs should be reported privately, via email, to the Microsoft Security Response Center (MSRC) secure@microsoft.com.
+You should receive a response within 24 hours. If for some reason you do not, please follow up via email to ensure we received your
+original message. Further information, including the MSRC PGP key, can be found in the [Security TechCenter](https://technet.microsoft.com/en-us/security/ff852094.aspx).
+
+Reports via MSRC may qualify for the .NET Core Bug Bounty. Details of the .NET Core Bug Bounty including terms and conditions are at [https://aka.ms/corebounty](https://aka.ms/corebounty).
+
+Please do not open issues for anything you think might have a security implication.
generated by cgit v1.2.3 (git 2.25.1) at 2024-09-06 07:29:47 +0300