We take security seriously and strive to keep AutoVox secure. Below are the versions of AutoVox that are currently supported with security updates:
| Version | Supported |
|---|---|
| Latest | ✅ |
| Older versions | ❌ |
If you discover a security vulnerability in AutoVox, please follow these steps:
-
Do Not Report Publicly:
Do not report the vulnerability in a public issue or pull request. Reporting publicly might expose the vulnerability to potential attackers before it can be fixed. -
Contact Us Privately:
Please send details of the vulnerability to [[email protected]]. In your email, include:- A description of the vulnerability and its potential impact.
- Steps to reproduce the vulnerability (if applicable).
- Any relevant details, such as your operating system or software version.
-
Response Time:
We will acknowledge your report within 48 hours and will provide an estimate for when we expect to address the issue. We aim to resolve critical vulnerabilities as soon as possible. -
Fixing the Vulnerability:
Once the issue has been resolved, we will issue a patch and provide details in a security update announcement. You will be credited for discovering the vulnerability unless you wish to remain anonymous. -
Security Announcements:
Security updates and patches will be announced through GitHub’s release notes and changelogs. Make sure to follow the repository to stay informed of any critical updates.
We strongly encourage responsible disclosure of security issues. If you adhere to responsible disclosure by privately reporting the issue and allowing us time to fix it before disclosing it publicly, we will work closely with you to ensure a smooth resolution.
Thank you for helping us maintain the security and integrity of AutoVox!