Codebase list libxstream-java / cme/main SECURITY.md
cme/main

Tree @cme/main (Download .tar.gz)

SECURITY.md @cme/mainraw · history · blame 

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
# Security Policy

## Supported Versions

The 1.4.x version is actively maintained.

| Version | Supported          |
| ------- | ------------------ |
| 1.4.x   | :white_check_mark: |
| < 1.4.0 | :x:                |

## Reporting a Vulnerability

If you have identified a security issue, ask on the [XStream mailing list](https://groups.google.com/group/xstream-user)
for access to the XStream Security list and you will receive an invitation. Send a security report there with details to
reproduce the problem with the latest XStream version.

Note, that XStream cares about security issues with XStream itself or in combination with the Java runtime, but not with
3rd party libraries. It is in the resposibility of each developer who brings those libraries together to setup the
[XStream Security Framework](https://x-stream.github.io/security.html#framework) properly.