0byt3m1n1

Path: /data/applications/aps/typo3/12.4.7/standard/htdocs/vendor/typo3/html-sanitizer/ [ Home ]
File: SECURITY.md
# Security Policy

## Supported Versions

The following matrix shows the versions that are currently maintained.

| Version | Supported          |
|---------|--------------------|
| 2.x     | :white_check_mark: |
| 1.5.x   | :white_check_mark: |
| < 1.5.0 | :x:                |

## Reporting a Vulnerability

Please report potential vulnerabilities to the TYPO3 Security Team either

* by reaching out to [security@typo3.org](mailto:security@typo3.org), or
* by [reporting a new vulnerability via GitHub](https://github.com/TYPO3/html-sanitizer/security/advisories/new)

### Message Encryption

It is possible to send GPG/PGP encrypted emails to security@typo3.org using key id
`C05FBE60` (complete fingerprint `B41C C3EF 373E 0F5C 7018 7FE9 3BEF BD27 C05F BE60`):

* download [public key file from keys.openpgp.org](https://keys.openpgp.org/vks/v1/by-fingerprint/B41CC3EF373E0F5C70187FE93BEFBD27C05FBE60)
* download [public key file from typo3.org](https://typo3.org/fileadmin/t3o_common_storage/keys/B41CC3EF373E0F5C70187FE93BEFBD27C05FBE60.asc)

## TYPO3 Release Dates / "Patchday"

TYPO3 releases (including potential security fixes) are usually released
on Tuesdays (except for holidays like Christmas or New Year's Day).

[Maintenance releases](https://typo3.org/cms/roadmap/maintenance-releases)
for stable versions have been scheduled in advance - it is very likely that
security fixes are released during these dates as well.