1*ac13d5f3SPatrick WilliamsHow to Report a Potential Vulnerability? 2*ac13d5f3SPatrick Williams======================================== 3*ac13d5f3SPatrick Williams 4*ac13d5f3SPatrick WilliamsIf you would like to report a public issue (for example, one with a released 5*ac13d5f3SPatrick WilliamsCVE number), please report it using the 6*ac13d5f3SPatrick Williams[https://bugzilla.yoctoproject.org/enter_bug.cgi?product=Security Security Bugzilla]. 7*ac13d5f3SPatrick WilliamsIf you have a patch ready, submit it following the same procedure as any other 8*ac13d5f3SPatrick Williamspatch as described in README.md. 9*ac13d5f3SPatrick Williams 10*ac13d5f3SPatrick WilliamsIf you are dealing with a not-yet released or urgent issue, please send a 11*ac13d5f3SPatrick Williamsmessage to security AT yoctoproject DOT org, including as many details as 12*ac13d5f3SPatrick Williamspossible: the layer or software module affected, the recipe and its version, 13*ac13d5f3SPatrick Williamsand any example code, if available. 14*ac13d5f3SPatrick Williams 15*ac13d5f3SPatrick WilliamsBranches maintained with security fixes 16*ac13d5f3SPatrick Williams--------------------------------------- 17*ac13d5f3SPatrick Williams 18*ac13d5f3SPatrick WilliamsSee [https://wiki.yoctoproject.org/wiki/Stable_Release_and_LTS Stable release and LTS] 19*ac13d5f3SPatrick Williamsfor detailed info regarding the policies and maintenance of Stable branches. 20*ac13d5f3SPatrick Williams 21*ac13d5f3SPatrick WilliamsThe [https://wiki.yoctoproject.org/wiki/Releases Release page] contains a list of all 22*ac13d5f3SPatrick Williamsreleases of the Yocto Project. Versions in grey are no longer actively maintained with 23*ac13d5f3SPatrick Williamssecurity patches, but well-tested patches may still be accepted for them for 24*ac13d5f3SPatrick Williamssignificant issues. 25