2021-02-25 10:41:38 +00:00
|
|
|
## Reporting Vulneratibilities
|
|
|
|
|
|
|
|
If you think you have found an Mbed TLS security vulnerability, then please
|
|
|
|
send an email to the security team at
|
|
|
|
<mbed-tls-security@lists.trustedfirmware.org>.
|
|
|
|
|
|
|
|
## Security Incident Handling Process
|
|
|
|
|
2021-12-21 05:14:10 +00:00
|
|
|
Our security process is detailed in our
|
2021-03-16 11:04:44 +00:00
|
|
|
[security
|
2021-02-25 10:41:38 +00:00
|
|
|
center](https://developer.trustedfirmware.org/w/mbed-tls/security-center/).
|
|
|
|
|
|
|
|
Its primary goal is to ensure fixes are ready to be deployed when the issue
|
|
|
|
goes public.
|
|
|
|
|
|
|
|
## Maintained branches
|
|
|
|
|
2021-03-16 11:04:44 +00:00
|
|
|
Only the maintained branches, as listed in [`BRANCHES.md`](BRANCHES.md),
|
|
|
|
get security fixes.
|
2021-02-25 10:41:38 +00:00
|
|
|
Users are urged to always use the latest version of a maintained branch.
|