details: https://github.com/nginx/nginx/commit/c73fb273acc31bff7c4e469efda5f3fd66c48557 branches: master commit: c73fb273acc31bff7c4e469efda5f3fd66c48557 user: Jordan Zebor <j.ze...@f5.com> date: Mon, 23 Dec 2024 08:07:01 -0800 description: Updated security policy to clarify experimental features.
The original security policy language did not capture the scope as intended for experimental features and availability. --- SECURITY.md | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/SECURITY.md b/SECURITY.md index f5cfcd788..8e173ed16 100644 --- a/SECURITY.md +++ b/SECURITY.md @@ -69,8 +69,7 @@ limiting, or buffer size configurations, or applying changes is impractical. Availability issues excluded from the security release process: - Local file content or upstream response content resulting only in worker process termination. -- Issues with experimental features which result only in worker process -termination. +- Issues with experimental features which result only in availability impact. ## Trusted Configurations and Misconfigurations _______________________________________________ nginx-devel mailing list nginx-devel@nginx.org https://mailman.nginx.org/mailman/listinfo/nginx-devel
