bigbluebutton-Github/SECURITY.md
2023-09-26 11:41:25 -04:00

25 lines
1.1 KiB
Markdown
Raw Blame History

This file contains invisible Unicode characters

This file contains invisible Unicode characters that are indistinguishable to humans but may be processed differently by a computer. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

# Security Policy
## Supported Versions
We actively support BigBlueButton through the community forums and through security updates.
| Version | Supported |
| ------- | ------------------ |
| 2.5.x (or earlier) | :x: |
| 2.6.x   | :white_check_mark: |
| 2.7.x   | :white_check_mark: |
| 3.0.x   | :x: |
We have released 2.7 to the community and are going to support both 2.6 and 2.7 together for the coming months (while we're actively developing the next release). Also, BigBlueButton 2.5 is now end of life.
As such, we recommend that all administrators deploy 2.7 going forward. You'll find [many improvements](https://docs.bigbluebutton.org/2.7/new-features) in this newer version.
## Reporting a Vulnerability
If you believe you have found a security vunerability in BigBlueButton please let us know directly by
- using GitHub's "Report a vulnerability" functionality on https://github.com/bigbluebutton/bigbluebutton/security/advisories
- or e-mailing security@bigbluebutton.org with as much detail as possible.
Regards,... [BigBlueButton Team](https://docs.bigbluebutton.org/support/faq.html#bigbluebutton-committer)