siv-org / siv

Secure Internet Voting protocol
https://siv.org

No Security.md file for tracking versions within the repo #198

Open Gr33nMach1ne opened 2 months ago

Gr33nMach1ne commented 2 months ago

A security.md file is needed to track security changes. Addressing vulnerabilities or issues in this way contributes to transparency. Example given below:

Security Policy

Supported Versions

The following versions of our project are currently supported with security updates. If you are using an unsupported version, please consider upgrading to a supported version to ensure that you receive the latest security fixes.

| Version | Supported          |
| ------- | ------------------ |
| 5.1.x   | :white_check_mark: |
| 5.0.x   | :x:                |
| 4.0.x   | :white_check_mark: |
| < 4.0   | :x:                |

Reporting a Vulnerability

If you discover a security vulnerability in our project, we encourage you to report it as soon as possible. We appreciate your help in keeping our project secure for everyone.

How to Report

What to Include

When reporting a vulnerability, please include the following information:

What to Expect

Public Disclosure

We will coordinate with you to disclose the vulnerability responsibly. We request that you do not publicly disclose the vulnerability until we have had a chance to address it.

Thank you for helping us keep our project secure!

arianabuilds commented 2 months ago

Entry Summary for HACK SIV @ DEF CON 2024

Thanks again for participating! This submission earned $45.35 from SIV and $60.17 from the Public Vote, for a total of $105.52.

Here's what we noted in our evaluation:

What's interesting about this submission

What takes away from it

Issue to track getting paid: https://github.com/siv-org/hack.siv.org/issues/4