v6.32 (#3721)

cocoflan · web-flow · commit c539428730e7 · 2020-08-25T19:18:16.000+02:00
+ Create initial SECURITY.md with information about which and how to report security vulnerabilities
diff --git a/SECURITY.md b/SECURITY.md
@@ -0,0 +1,13 @@
+## Security Policy
+
+### Coverage
+
+Please report security vulnerabilities shipped with our images or created by our scripts (in **/boot/dietpi/**), like insecure system configurations or insecure default software implementations.
+
+We are **not** responsible for a security vulnerability in any package or binary shipped with Debian, Raspbian, any 3rd party repository or within the software executables themselves. In such cases please report issues to the related repository bug tracker or upstream developers. You may still report those additionally to us, so that we may find a way to work around the issue for our implementation until a fix is available.
+
+### Reporting a Vulnerability
+
+If you have discovered a potential security issue within our images, scripts, configs or software implementations, please send all relevant information (such as references, commits, or code examples that would be useful in reproducing the issue) to <micha@dietpi.com>, so that we may be able to investigate and fix it internally without having our users systems exposed.
+
+Only open an issue at https://github.com/MichaIng/DietPi/issues if you are sure that the contained information cannot be used to compromise any of our users systems.
