At FritzTech, we take security seriously. If you believe you have found a security vulnerability in our project, we encourage you to let us know right away. We will investigate all legitimate reports and do our best to quickly fix the problem.
To report a vulnerability, please email us at security@fritztech.net with a detailed description of the vulnerability and steps to reproduce it. Please do not disclose the vulnerability publicly until we have had a chance to address it.
We prioritize the most recent releases of our project for security updates. If you are using an older version, we encourage you to upgrade to the latest release to benefit from the most recent security fixes.
We are committed to releasing security updates promptly after verifying and fixing reported vulnerabilities. These updates will be provided through new releases and will include detailed release notes outlining the security fixes.
We greatly appreciate the efforts of security researchers and developers in helping to keep our project secure. We ask that you follow responsible disclosure practices when reporting vulnerabilities to us. This includes:
- Providing us with a reasonable amount of time to address the issue before disclosing it publicly.
- Avoiding any unauthorized access, data manipulation, or disruption to our services or users.
- Not sharing any sensitive information belonging to our users or organization.
Our goal is to address any issues within a 90 day window from disclosure. If we have not responded to you within 90 days please go ahead with your disclosure and if possible submit a pull request to fix.
We also are committed to coordinating public disclosure with reporting researchers. We would like to credit you and link to your own disclosure in our disclosure but will never disclose personally identifying information without permission.
This security policy applies to the projects by fritz-fritz hosted on GitHub. It does not cover any third-party dependencies or services used by the project. Please report vulnerabilities related to those components directly to the maintainers of the respective projects.
For any questions or concerns regarding this security policy, please contact us at security@fritztech.net.
We reserve the right to update and change this security policy as necessary to reflect evolving security practices and standards. Any changes will be reflected on this page, so please check back periodically for updates.