Skip to content

Security: umati/open62541

SECURITY.md

Security Policy

Supported Versions

The following versions of open62541 are monitored for vulnerabilities and are part of our vulnerability handling and release process.

Version Community Support Commercial Support Available
master ✔️ ✔️
v1.4.x ✔️ ✔️
v1.3.x 🌗 ✔️
<= v1.2.x 🌗 ✔️
<= v1.0.x 🌗

Reporting a Vulnerability

Security vulnerabilities can be disclosed privately to the mailing list [email protected].

The disclosure triggers an evaluation of the vulnerability. Depending on the criticality, the follow-up comprises of the following steps:

  • Responsible disclosure of the vulnerability to critical professional users (with an embargo period)
  • Commit of the fix to the public repository
  • Backporting of the fix to past release families
  • Preparation of patch releases
  • Public disclosure of the vulnerability

You can send us encrypted email with PGP using this public key:

-----BEGIN PGP PUBLIC KEY BLOCK-----

mDMEZyvNHBYJKwYBBAHaRw8BAQdAVVciLHk9qEu38ZmqGfUuB9SD7lvw6Z8lTm6G
H2zqh4O0NG9wZW42MjU0MSBUZWFtIDxvcGVuNjI1NDEtc2VjdXJpdHlAZ29vZ2xl
Z3JvdXBzLmNvbT6ImQQTFgoAQRYhBMlp8zR7pjG9VoaVFK5VKNbXA7F8BQJnK80c
AhsDBQkFoxmUBQsJCAcCAiICBhUKCQgLAgQWAgMBAh4HAheAAAoJEK5VKNbXA7F8
vLcBAIC7/R5gZrqXm+js+tQrMgua/7Rr8h2CGC8GVogwLmYBAQDF9XzoZMBPQu5j
Vtudpc3lzQy4g8qzIvtwTaQe4KOhCLg4BGcrzRwSCisGAQQBl1UBBQEBB0Acmd51
rRZ3697if50xOUeu2tdHjOWMn+P3Ga5/2ZIGKwMBCAeIfgQYFgoAJhYhBMlp8zR7
pjG9VoaVFK5VKNbXA7F8BQJnK80cAhsMBQkFoxmUAAoJEK5VKNbXA7F8y4UA/RSe
NKKvTqtDayyNn6kRKLnuBAPlXTjvpMARcSMFe9APAQCdu22yS4KB3cGBHoXMSTwO
tfp1v8HATMXKB65FmujmBg==
=Juz6
-----END PGP PUBLIC KEY BLOCK-----

There aren’t any published security advisories