| How to Report a Potential Vulnerability? |
| ======================================== |
| |
| If you would like to report a public issue (for example, one with a released |
| CVE number), please report it using the |
| [https://bugzilla.yoctoproject.org/enter_bug.cgi?product=Security Security Bugzilla]. |
| If you have a patch ready, submit it following the same procedure as any other |
| patch as described in README.md. |
| |
| If you are dealing with a not-yet released or urgent issue, please send a |
| message to security AT yoctoproject DOT org, including as many details as |
| possible: the layer or software module affected, the recipe and its version, |
| and any example code, if available. |
| |
| Branches maintained with security fixes |
| --------------------------------------- |
| |
| See [https://wiki.yoctoproject.org/wiki/Stable_Release_and_LTS Stable release and LTS] |
| for detailed info regarding the policies and maintenance of Stable branches. |
| |
| The [https://wiki.yoctoproject.org/wiki/Releases Release page] contains a list of all |
| releases of the Yocto Project. Versions in grey are no longer actively maintained with |
| security patches, but well-tested patches may still be accepted for them for |
| significant issues. |
