File tree 1 file changed +29
-0
lines changed
1 file changed +29
-0
lines changed Original file line number Diff line number Diff line change 1+ # Security Policy
2+
3+ We take the security of cryptoauthlib very seriously. Please submit security vulnerabilities to
4+ the Microchip Product Security Incident Response Team (PSIRT) which is responsible for receiving
5+ and responding to reports of potential security vulnerabilities in our products, as well as in
6+ any related hardware, software, firmware, and tools. Please see below for instructions on how
7+ to submit your report.
8+
9+ ## Supported Versions
10+
11+ The previous API version is maintained for a year after a new version is released.
12+
13+ | Version | Supported | Notes |
14+ | ------- | ------------------ | ----- |
15+ | 3.3.x | :heavy_check_mark : | |
16+ | 3.2.x | :heavy_check_mark : | Security updates until January 2022 |
17+ | < 3.2 | :x : | |
18+
19+ ## Reporting a Vulnerability
20+
21+ [ How to Report Potential Product Security Vulnerabilities] ( https://www.microchip.com/design-centers/embedded-security/how-to-report-potential-product-security-vulnerabilities )
22+
23+ Once a report is received, the PSIRT will take the necessary steps to review the issue
24+ and determine what actions might be required to address any potential impacts to our products.
25+ Microchip PSIRT follows a coordinated vulnerability responsible disclosure policy that is available
26+ for review.
27+
28+ Please use the above instructions to securely submit your findings - We ask that you refrain from
29+ reporting vulnerabilties through the public github issues system.
You can’t perform that action at this time.
0 commit comments