If you believe you have discovered a security vulnerability in the TanyaWii project, please follow the steps below:

1. Do Not Create Public Issues: Do not disclose the vulnerability publicly by creating a public issue or posting it in forums.
2. Report to Us Directly: Email us at [email protected] with the following details:
   • A detailed description of the vulnerability.
   • Steps to reproduce the issue.
   • Impact assessment and any suggestions for mitigation.
   • Any supporting evidence or proof of concept, if available.

We take security very seriously and will respond promptly to your report. We will also acknowledge receipt and keep you updated on the progress of the investigation.

To ensure that users of TanyaWii are protected, we only support the latest stable versions of the software. Older versions may no longer receive security updates. For details on which versions are currently supported, please refer to the table above.

When a security vulnerability is identified, we will release a security update as soon as possible. Security updates will be communicated through the following channels:

• GitHub Releases: Updates will be published on GitHub Releases.
• Email Notifications: Registered users will receive email notifications if they are affected by a security issue.

To keep your instance of TanyaWii secure, follow these best practices:

• Update Regularly: Ensure that you are using the latest version of TanyaWii to benefit from the latest security patches and updates.
• Use Strong Authentication: Use strong, unique passwords for all user accounts and enable multi-factor authentication (MFA) if available.
• Secure Your Environment: Ensure that your deployment environment is secure and up-to-date with the latest security patches.
• Monitor for Security Issues: Regularly review and monitor your instance for any unusual activity or potential security issues.

We may update our security policy from time to time to reflect changes in our security practices or legal requirements. Any updates will be communicated through our GitHub repository and website.

If you have any questions or concerns regarding this security policy, please contact us at [email protected].

Thank you for helping us keep TanyaWii secure!