Skip to content
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.

Commit 3fe77bf

Browse files
iText-CIiText-CI
committedOct 11, 2024
[RELEASE] iText 9.0.0
2 parents fc287bc + a157a78 commit 3fe77bf

File tree

2,197 files changed

+52166
-45302
lines changed

Some content is hidden

Large Commits have some content hidden by default. Use the searchbox below for content that may be hidden.

2,197 files changed

+52166
-45302
lines changed
 

‎README.md

Lines changed: 41 additions & 39 deletions
Large diffs are not rendered by default.

‎SECURITY.md

Lines changed: 39 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,39 @@
1+
# iText Security Policy
2+
3+
## Reporting a Vulnerability
4+
5+
We are committed to maintaining the security of our software. If you discover a security vulnerability, we encourage you to report it to us as soon as possible.
6+
7+
To report a vulnerability, please visit our [Vulnerability Reporting Page](https://itextpdf.com/report-vulnerability), or email [vulnerability@apryse.com](vulnerability@apryse.com). If you do not receive a response in 2 business days, please follow up as we may not have received your message.
8+
9+
We follow the procedure of Coordinated Vulnerability Disclosure (CVD) and, to protect the ecosystem, we request that those reporting do the same. Please visit the above page for more information, and follow the steps below to ensure that your report is handled promptly and appropriately:
10+
11+
1. **Do not disclose the vulnerability publicly** until we have had a chance to address it.
12+
2. **Provide a detailed description** of the vulnerability, including steps to reproduce it, if possible.
13+
3. **Include any relevant information** such as the version of iText Core you are using, your operating system, and any other pertinent details.
14+
15+
## Security Updates and Patches
16+
17+
When a vulnerability is reported, we will:
18+
19+
1. **Investigate and verify** the vulnerability.
20+
2. **Develop and test** a fix for the vulnerability.
21+
3. **Release a patch** as soon as possible.
22+
23+
## Known Vulnerabilities
24+
25+
The iText Knowledge Base has a page for known [Common Vulnerabilities and Exposures](https://kb.itextpdf.com/itext/cves) (CVEs), please check it to ensure your vulnerability has not already been disclosed or addressed.
26+
27+
## Supported product lines
28+
29+
See [Compatibility Matrix](https://kb.itextpdf.com/itext/compatibility-matrix)
30+
31+
## Security Best Practices
32+
33+
To help ensure the security of your applications using iText Core, we recommend the following best practices:
34+
35+
1. **Keep iText Core up to date** by regularly checking for and applying updates.
36+
2. **Review and follow** our security guidelines for secure usage.
37+
3. **Monitor your applications** for any unusual activity and investigate any anomalies promptly.
38+
39+
Thank you for helping us keep iText secure!

0 commit comments

Comments
 (0)