The single latest available release is the only release supported by this Security Policy.
| Version | Supported |
|---|---|
| 1.x.x latest | β |
| 1.2.x | β |
| 1.1.x | β |
| 1.0.x | β |
* Note: Latest version - if it is v1.2.3 then that is supported, if latest is v1.4.1 then that is supported, etc.
Please refrain from depending on any external source - for instance, noVNC-latest is bundled into the Module.
Best practices should be followed during Software Engineering which is especially hard when only patching.
- Principle of Least Privilege
- Input Validation & Sanitisation
- Secure Communication (HTTPS etc)
- Compatibility with core/updates
- Thorough inline comments/specs
- Robust error handling/logging
- Secure configs by default
GitHub "Private vulnerability reporting" is enabled for The-Network-Crew/Proxmox-VE-for-WHMCS repository.
Or, use a publicly-available email address for The Network Crew Pty Ltd to submit it via email instead.
DO NOT raise a public issue where there is threat to users of the module. Raise it properly.
As a company, we do not believe in paying security bounties, rather in writing good code.
We appreciate your input and work to address issues as quickly as possible, security first and foremost.
Updates can be provided as promptly as days apart, however this depends on severity/scope, and is always reasonable.
We & the entire FOSS community thank you for reviewing this file & being aware of how to improve the project.