mirror of https://github.com/ctz/rustls
docs: update SECURITY example
The existing example should be easy enough to understand, but it's also easy enough to update for the current major releases for maximum clarity.
This commit is contained in:
parent
5ea02ed56f
commit
1f5146cdfa
11
SECURITY.md
11
SECURITY.md
|
@ -5,13 +5,20 @@
|
|||
Security fixes will be backported only to the rustls versions for which the
|
||||
original semver-compatible release was published less than 2 years ago.
|
||||
|
||||
For example, as of 2023-06-13 the latest release is 0.21.1.
|
||||
For example, as of 2024-04-18 the latest release is 0.23.4.
|
||||
|
||||
* 0.23.0 was released in February of 2024
|
||||
* 0.22.0 was released in December of 2023
|
||||
* 0.21.0 was released in March of 2023
|
||||
* 0.20.0 was released in September of 2021
|
||||
* 0.19.0 was released in November of 2020
|
||||
|
||||
Therefore 0.20.x and 0.21.x will be updated, while 0.19.x will not be.
|
||||
Therefore 0.23.x, 0.22.x and 0.21.x will be updated, while 0.20.x and 0.19.x
|
||||
will not be.
|
||||
|
||||
_Note: We use the date of `crates.io` publication when evaluating the security
|
||||
policy. For example, while the Rustls 0.20.0 GitHub release note was created
|
||||
Jul, 2023 the actual release in `crates.io` was published in Sept. 2021._
|
||||
|
||||
## Reporting a Vulnerability
|
||||
|
||||
|
|
Loading…
Reference in New Issue