Skip to content

Security: kohlschutter/junixsocket

SECURITY.md

Security Policy

Supported Versions

Note that the Apache 2.0 licensed junixsocket project comes with absolutely no warranties or conditions of any kind. That said, we try our best to remedy any security issues as soon as possible.

Should a security issue arise, a fix would usually be included in a PATCH or MINOR version update, i.e., 2.6.1 -> 2.6.2 or 2.7.0.

All 2.x.x versions should be backwards-compatible. Consider the latest 2.x.x version the recommended version.

If you depend on an outdated version of junixsocket or need other commercial support, please reach out to directly to Christian Kohlschütter (email is in pom.xml).

Version Supported
2.10.x
< 2.10.x Commercial support available
< 2.0

Reporting a Vulnerability

Please DO NOT report security vulnerabilities through GitHub issues!

Instead, please reach out directly to Christian Kohlschütter (email is in pom.xml); be sure to include the phrase SECURITY ISSUE in the email subject.

You should usually receive a response within 3 business days.

This project follows a 90 day disclosure timeline.

There aren’t any published security advisories