[nginx] Updated security policy to clarify experimental features.
noreply at nginx.com
noreply at nginx.com
Mon Dec 23 16:37:02 UTC 2024
details: https://github.com/nginx/nginx/commit/c73fb273acc31bff7c4e469efda5f3fd66c48557
branches: master
commit: c73fb273acc31bff7c4e469efda5f3fd66c48557
user: Jordan Zebor <j.zebor at f5.com>
date: Mon, 23 Dec 2024 08:07:01 -0800
description:
Updated security policy to clarify experimental features.
The original security policy language did not capture the scope
as intended for experimental features and availability.
---
SECURITY.md | 3 +--
1 file changed, 1 insertion(+), 2 deletions(-)
diff --git a/SECURITY.md b/SECURITY.md
index f5cfcd788..8e173ed16 100644
--- a/SECURITY.md
+++ b/SECURITY.md
@@ -69,8 +69,7 @@ limiting, or buffer size configurations, or applying changes is impractical.
Availability issues excluded from the security release process:
- Local file content or upstream response content resulting only in worker
process termination.
-- Issues with experimental features which result only in worker process
-termination.
+- Issues with experimental features which result only in availability impact.
## Trusted Configurations and Misconfigurations
More information about the nginx-devel
mailing list