Merge branch 'fix/activity-expirations-again' of git.pleroma.social:pleroma/pleroma into fix/activity-expirations-again

1 files changed, 16 insertions, 0 deletions

diff --git a/SECURITY.md b/SECURITY.md
new file mode 100644
index 000000000..c212a2505
--- /dev/null
+++ b/SECURITY.md
@@ -0,0 +1,16 @@
+# Pleroma backend security policy
+
+## Supported versions
+
+Currently, Pleroma offers bugfixes and security patches only for the latest minor release.
+
+| Version | Support 
+|---------| --------
+| 2.0     | Bugfixes and security patches
+
+## Reporting a vulnerability
+
+Please use confidential issues (tick the "This issue is confidential and should only be visible to team members with at least Reporter access." box when submitting) at our [bugtracker](https://git.pleroma.social/pleroma/pleroma/-/issues/new) for reporting vulnerabilities.
+## Announcements
+
+New releases are announced at [pleroma.social](https://pleroma.social/announcements/). All security releases are tagged with ["Security"](https://pleroma.social/announcements/tags/security/). You can be notified of them by subscribing to an Atom feed at <https://pleroma.social/announcements/tags/security/feed.xml>.