Skip to content

Security: cm-schl/snappymail

Security

SECURITY.md

Security Policy

Supported Versions

Currently due to the fast development only the latest version receives security updates.

Version Supported
2.30.x
< 2.30.0

Reporting a Vulnerability

Please report security issues or vulnerabilities as an encrypted email to [email protected]. Your report should be detailed enough with clear steps to reproduce and classify the found vulnerability.

You can find the PGP public key below and on the major public keyservers like keys.openpgp.org.

-----BEGIN PGP PUBLIC KEY BLOCK-----
Comment: Type: 255-bit EdDSA
Comment: Fingerprint: 445D265124E6072671E64D0733F868A7E35E8277

mDMEYiE2QRYJKwYBBAHaRw8BAQdAqMrQUm6DddWcQNo0VEjNIu3Q6CfP3nokVv2Y
rNQ1avq0LFNuYXBweU1haWwgU2VjdXJpdHkgPHNlY3VyaXR5QHNuYXBweW1haWwu
ZXU+iJQEExYKADwWIQREXSZRJOYHJnHmTQcz+Gin416CdwUCYiE2QQIbAwULCQgH
AgMiAgEGFQoJCAsCBBYCAwECHgcCF4AACgkQM/hop+NegnfSGgD9GEHpOrvWpBGY
dYfvVd/+Lv5d+dFBcPyki9zu9zHfhwkBAL343EF6ZR0XwMlOQu9wu0hT9KBz4g55
6D41i0PrEaoBuDgEYiE2QRIKKwYBBAGXVQEFAQEHQMMr9gcVcJ3aiup/tpl8ZXxy
aJiJRGkPyNwGI5vxHMpZAwEIB4h4BBgWCgAgFiEERF0mUSTmByZx5k0HM/hop+Ne
gncFAmIhNkECGwwACgkQM/hop+NegndVhgD/SVGSKbF4G2W024VpW2tm3zCT+ue+
YMXQVq4SJt7UpWABAORudfJxsBqCRKtPlZMgGTJLjcOkyFJ9C2Fx7DeN0J4I
=nSOi
-----END PGP PUBLIC KEY BLOCK-----

Publishing and Credits

I will analyze and fix the reported issue as fast as possible. Together with the reporter I plan the disclosure of the found and fixed vulnerability. Credits to the reporter are granted and can be included in all public communication if desired.

There aren’t any published security advisories