go-pulse/SECURITY.md

# Security Policy

## Supported Versions

Please see [Releases](https://gitlab.com/pulsechaincom/go-pulse/-/releases). We recommend using the [most recently released version](https://gitlab.com/pulsechaincom/go-pulse/-/releases).

## Audit reports

Audit reports are published in the [docs/audits](docs/audits) folder.

| Scope | Date | Report Link |
| ------- | ------- | ----------- |
| `geth` | 20170425 | [pdf](https://github.com/ethereum/go-ethereum/blob/master/docs/audits/2017-04-25_Geth-audit_Truesec.pdf) |
| `clef` | 20180914 | [pdf](https://github.com/ethereum/go-ethereum/blob/master/docs/audits/2018-09-14_Clef-audit_NCC.pdf) |
| `Discv5` | 20191015 | [pdf](https://github.com/ethereum/go-ethereum/blob/master/docs/audits/2019-10-15_Discv5_audit_LeastAuthority.pdf) |
| `Discv5` | 20200124 | [pdf](https://github.com/ethereum/go-ethereum/blob/master/docs/audits/2020-01-24_DiscV5_audit_Cure53.pdf) |

## Reporting a Vulnerability

**Please do not file a public ticket** mentioning the vulnerability.

**TODO**
<!-- To find out how to disclose a vulnerability in Ethereum visit [https://bugcrowd.com/binance](https://bugcrowd.com/binance) or email bounty@ethereum.org. Please read the [disclosure page](https://github.com/binance-chain/bsc/security/advisories) for more information about publicly disclosed security vulnerabilities.

Use the built-in `geth version-check` feature to check whether the software is affected by any known vulnerability. This command will fetch the latest [`vulnerabilities.json`](https://geth.ethereum.org/docs/vulnerabilities/vulnerabilities.json) file which contains known security vulnerabilities concerning `geth`, and cross-check the data against its own version number. -->
SECURITY.md: create security policy (#19666) Github has started supporting SECURITY.md to contain a project's security policy. Adding this information to the repository makes it easier to determine how to disclosure a vulnerability as SECURITY.md becomes a standard. The pgp fingerprint and key is taken from bounty.ethereum.org. 2019-06-06 12:40:52 +00:00			`# Security Policy`

			`## Supported Versions`

Merge go-ethereum v1.10.15 2022-01-13 05:42:34 +00:00			`Please see [Releases](https://gitlab.com/pulsechaincom/go-pulse/-/releases). We recommend using the [most recently released version](https://gitlab.com/pulsechaincom/go-pulse/-/releases).`
SECURITY.md: create security policy (#19666) Github has started supporting SECURITY.md to contain a project's security policy. Adding this information to the repository makes it easier to determine how to disclosure a vulnerability as SECURITY.md becomes a standard. The pgp fingerprint and key is taken from bounty.ethereum.org. 2019-06-06 12:40:52 +00:00
			`## Audit reports`

Merge go-ethereum v1.10.15 2022-01-13 05:42:34 +00:00			`Audit reports are published in the [docs/audits](docs/audits) folder.`
SECURITY.md: create security policy (#19666) Github has started supporting SECURITY.md to contain a project's security policy. Adding this information to the repository makes it easier to determine how to disclosure a vulnerability as SECURITY.md becomes a standard. The pgp fingerprint and key is taken from bounty.ethereum.org. 2019-06-06 12:40:52 +00:00
			`\| Scope \| Date \| Report Link \|`
			`\| ------- \| ------- \| ----------- \|`
			\| `geth` \| 20170425 \| [pdf](https://github.com/ethereum/go-ethereum/blob/master/docs/audits/2017-04-25_Geth-audit_Truesec.pdf) \|
			\| `clef` \| 20180914 \| [pdf](https://github.com/ethereum/go-ethereum/blob/master/docs/audits/2018-09-14_Clef-audit_NCC.pdf) \|
Merge go-ethereum v1.10.8 Add debug build to make and docker 2021-09-06 20:23:36 +00:00			\| `Discv5` \| 20191015 \| [pdf](https://github.com/ethereum/go-ethereum/blob/master/docs/audits/2019-10-15_Discv5_audit_LeastAuthority.pdf) \|
			\| `Discv5` \| 20200124 \| [pdf](https://github.com/ethereum/go-ethereum/blob/master/docs/audits/2020-01-24_DiscV5_audit_Cure53.pdf) \|
SECURITY.md: create security policy (#19666) Github has started supporting SECURITY.md to contain a project's security policy. Adding this information to the repository makes it easier to determine how to disclosure a vulnerability as SECURITY.md becomes a standard. The pgp fingerprint and key is taken from bounty.ethereum.org. 2019-06-06 12:40:52 +00:00
			`## Reporting a Vulnerability`

			`Please do not file a public ticket mentioning the vulnerability.`

Merge go-ethereum v1.10.15 2022-01-13 05:42:34 +00:00			`TODO`
			`<!-- To find out how to disclose a vulnerability in Ethereum visit [https://bugcrowd.com/binance](https://bugcrowd.com/binance) or email bounty@ethereum.org. Please read the [disclosure page](https://github.com/binance-chain/bsc/security/advisories) for more information about publicly disclosed security vulnerabilities.`
SECURITY.md: create security policy (#19666) Github has started supporting SECURITY.md to contain a project's security policy. Adding this information to the repository makes it easier to determine how to disclosure a vulnerability as SECURITY.md becomes a standard. The pgp fingerprint and key is taken from bounty.ethereum.org. 2019-06-06 12:40:52 +00:00
Merge go-ethereum v1.10.15 2022-01-13 05:42:34 +00:00			Use the built-in `geth version-check` feature to check whether the software is affected by any known vulnerability. This command will fetch the latest [`vulnerabilities.json`](https://geth.ethereum.org/docs/vulnerabilities/vulnerabilities.json) file which contains known security vulnerabilities concerning `geth`, and cross-check the data against its own version number. -->