As a core kernel and userspace system security platform, SentinelML maintains strict standards of execution integrity.
We actively maintain and backport security patches to the following release tags:
| Version | Supported | Patch Lifespan |
|---|---|---|
| v1.2.0-eBPF | Yes (Active) | Core Backports |
| v1.1.0 | Yes | Critical-only |
| v1.0.x | Yes | Critical-only |
| v0.9.x | No | End-Of-Life |
Please DO NOT open public GitHub issues for suspected security bugs. Public disclosures expose active Kubernetes ML training clusters immediately.
Instead, please report issues by contacting our security engineering group:
- Email: security@sentinelml.io
- Target PGP Key:
F50A 1B89 92C0 EE45
Expect response verification within 24 hours.
- Response Triaging: Our core maintainers will evaluate the report context on isolated test nodes.
- Patch Compilation: We compile targeted fixes for affected trace modules within 7-14 days.
- Disclosure Policy: Suspected vulnerabilities follow standard 90-day responsible disclosure bounds before details are made public.