references/openproject
1
0
Fork 0
mirror of https://github.com/opf/openproject.git synced 2026-06-13 19:20:00 +00:00
Code Issues Packages Projects Releases Wiki Activity

Update pre-release notification criteria in README

Browse Source 
Clarified language regarding pre-release notifications for critical and high-risk vulnerabilities.
This commit is contained in:
Oliver Günther
2026-05-26 14:07:58 +02:00
committed by GitHub
parent 61cd01b784
commit ef9bdd4895
1 changed files with 1 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files
docs/security-and-privacy/statement-on-security/README.md
+1 -1
View File
@@ -135,7 +135,7 @@ A security issue is considered fixed only once the fix has been released for all
### Pre-release notification
For critical and high-severity vulnerabilities, subscribers of our [security mailing list](#security-announcements-mailing-list) will receive a pre-release notification **7 days before** the security release. This notification will include the planned release date and the severity of the issue, but will **not** include vulnerability details or patches. This gives administrators time to schedule maintenance windows and prepare for an upgrade.
For critical and high-risk vulnerabilities with clear attack vectors, and immediate action to be taken by administrators, subscribers of our [security mailing list](#security-announcements-mailing-list) will receive a pre-release notification **7 days before** the security release. This notification will include the planned release date and the severity of the issue, but will not include vulnerability details or patches. This gives administrators time to schedule maintenance windows and prepare for an upgrade.
### Public disclosure