We take security vulnerabilities in Liquid Oxygen seriously. We appreciate your efforts in helping us maintain a secure environment. If you discover any security vulnerabilities, please follow these steps to responsibly report them:
- Visit our Security page on GitHub, which is dedicated to handling security-related matters.
- Click on the "Report a vulnerability" button to initiate the reporting process.
- Provide a detailed description of the vulnerability, including the steps to reproduce it and any related information that could assist in its resolution.
- We will acknowledge your report and work with you to assess and address the issue promptly.
- Once the vulnerability is resolved, we will publicly acknowledge your contribution, giving credit for responsible disclosure, unless you prefer to remain anonymous.
We kindly request that you refrain from publicly disclosing the vulnerability until we have addressed it. This allows us to mitigate the risk associated with the vulnerability and protect our users.
To ensure the security of our users, we apply security updates to the last minor version of the Liquid library. This approach helps maintain compatibility while addressing security vulnerabilities effectively.
We highly recommend keeping your Liquid Oxygen updated to the latest patch version to benefit from the latest security patches and enhancements. Regularly checking for updates and promptly applying them helps ensure the security and stability of your application.
Thank you for your commitment to maintaining a secure environment for all Liquid Oxygen users.