Skip to content

Latest commit

 

History

History
24 lines (15 loc) · 887 Bytes

SECURITY.md

File metadata and controls

24 lines (15 loc) · 887 Bytes

Security Policy

Supported Versions

pg_tde project follows rolling release strategy. So all security updates go to new versions.

Reporting a Vulnerability

Please report any vulnerabilities to our project in Jira.

If the vulnerability is accepted and confirmed by our experts, you should normally expect us to deliver a version with a fix according to the timelines provided below:

For Percona created software (our engineers wrote the code):

  • Low/Medium: 120 days
  • High: 90 days
  • Critical: ASAP but should not exceed 30 days

For Non-Percona created software (upstream provided/packaged) from the time the vendor releases a patch:

  • Low/Medium: 2nd release from current version
  • High: Next release
  • Critical: Hotfix or no later than next release (our regular release cadence is once every month)