Skip to content

Security: MIPI-Alliance/.github

Security

SECURITY.md

Security Policy

MIPI Alliance software projects follow the security process in Annex D.6 of the MIPI Policy and Procedures for Software Development Projects.

Reporting a Vulnerability

Do not report security vulnerabilities through public GitHub issues.

Report them by email to:

Please include, where possible: a description and impact, steps to reproduce or a proof of concept, affected version(s)/commit(s), and any known mitigations. You may include a patch.

Process

The project Security Team (or, absent one, the Maintainer) evaluates each report, prepares a fix where warranted, and coordinates disclosure. No information about an issue is released publicly before the corresponding coordinated release, except where the vulnerability is already public. Security releases are tagged major.minor.subminor-securityX.

There aren't any published security advisories