From 6fdf184357bae7a3c50cea78eec49add3e6bc5cf Mon Sep 17 00:00:00 2001
From: Knut Ahlers <knut@ahlers.me>
Date: Wed, 5 Jul 2023 16:49:11 +0200
Subject: [PATCH] Add security policy

Signed-off-by: Knut Ahlers <knut@ahlers.me>
---
 SECURITY.md | 17 +++++++++++++++++
 1 file changed, 17 insertions(+)
 create mode 100644 SECURITY.md

diff --git a/SECURITY.md b/SECURITY.md
new file mode 100644
index 0000000..8d8eaf4
--- /dev/null
+++ b/SECURITY.md
@@ -0,0 +1,17 @@
+# Security Policy
+
+## Supported Versions
+
+| Version | Supported |
+| ------- | ------------------ |
+| `master` | :x: - This version is still unstable and should not be used. If you notice something is off with this version see below how to report a vulnerability. |
+| [latest release](https://github.com/Luzifer/ots/releases/latest) | :white_check_mark: |
+| older versions | :x: - All older releases than the current one might contain vulnerabilities and are no longer maintained. Please update to the latest release as quickly as you can. You can use the Github "Watch" functionality and watch for new releases to get notified. |
+
+## Reporting a Vulnerability
+
+To report an issue not affecting the safety of OTS instances please [open an issue on Github](https://github.com/Luzifer/ots/issues/new).
+
+To report an issue affecting the safety of OTS instances please send me an E-Mail to `knut@ahlers.me` with details about the issue. A PGP key is available here: [`0x5D7EEBD183A1F4395D1ED038A5143194CB681B44`](https://knut.in/gpg)
+
+As this is only a small project maintained only by me there are no bug-bounties or other compensations.