Skip to content

Security: MAPS-Lab/AISdb-Tutorials

SECURITY.md

Security Policy

This policy applies to every repository in the MAPS Lab organization unless a repository provides its own security policy.

Supported Versions

MAPS Lab is committed to maintaining the security of our software and promptly addressing security vulnerabilities. Security fixes target the latest release of each actively maintained project. Older releases do not receive security updates, so please upgrade to the most recent version before reporting an issue.

Reporting a Vulnerability

The MAPS Lab team takes security vulnerabilities seriously. If you discover a security issue within any MAPS Lab project, please report it by following the guidelines below. This allows us to assess the risk and take the necessary steps to mitigate the vulnerability as quickly as possible.

How to Report a Security Vulnerability

  • Email. Send an email to mapslab@dal.ca. Please include a detailed description of the issue, including the steps to reproduce the vulnerability and the affected repository. If possible, include patches, scripts, or other resources that could help evaluate the vulnerability.
  • GitHub issue. For findings that do not immediately impact the security of a project or its users (such as potential optimizations or best practices), consider opening a GitHub issue on the relevant repository.

Response Expectations

  • Acknowledgment. You can expect to receive an acknowledgment of your report within 72 hours.
  • Communication. We will keep you informed of your report's status, including the vulnerability assessment, throughout the resolution process.
  • Confidentiality. Please keep the communication regarding the security issue confidential until we have assessed the impact and publicly disclosed the vulnerability.
  • Disclosure. Once the vulnerability has been addressed, we will provide a report about the issue, the steps taken to resolve it, and any applicable acknowledgments to those who reported it.

We appreciate your support in making MAPS Lab projects more secure. By following these guidelines, we can work together to ensure the security and integrity of our software.

There aren't any published security advisories