"Fossies" - the Fresh Open Source Software Archive

Member "dubbo-dubbo-3.1.3/SECURITY.md" (22 Nov 2022, 1609 Bytes) of package /linux/misc/dubbo-dubbo-3.1.3.tar.gz:


As a special service "Fossies" has tried to format the requested source page into HTML format (assuming markdown format). Alternatively you can here view or download the uninterpreted source code file. A member file download can also be achieved by clicking within a package contents listing on the according byte size field.

A hint: This file contains one or more very long lines, so maybe it is better readable using the pure text view mode that shows the contents as wrapped lines within the browser window.


Security Policy

Supported Versions

Below is a table that shows versions that we accept security fixes.

Version Supported
3.0.x
2.7.x
2.6.x
2.5.x

Reporting a Vulnerability

The Apache Software Foundation takes a rigorous standpoint in annihilating the security issues in its software projects. Apache Dubbo is highly sensitive and forthcoming to issues pertaining to its features and functionality.

If you have apprehensions regarding Dubbo's security or you discover vulnerability or potential threat, don’t hesitate to get in touch with the Apache Dubbo Security Team by dropping a mail at security@dubbo.apache.org. In the email, specify the description of the issue or potential threat. You are also urged to recommend the way to reproduce and replicate the issue. The Dubbo community will get back to you after assessing and analysing the findings.

PLEASE PAY ATTENTION to report the security issue on the security email before disclosing it on public domain.

Vulnerability Handling

An overview of the vulnerability handling process is:

A more detailed description of the process can be found here.