Skip to content

Security: ibmruntimes/semeru-openj9-omr

Security

SECURITY.md

Security Policy

Eclipse OMR follows the Eclipse Vulnerability Reporting Policy. Vulnerabilities are tracked by the Eclipse OMR project leads, or by the Eclipse security team in cooperation with the OMR project leads. Fixing vulnerabilities is the responsibility of OMR project committers.

Supported Versions

Eclipse OMR only supports security updates in upcoming OMR releases.

Reporting a Vulnerability

In case of suspected vulnerabilities, we recommend you do not use the public Eclipse OMR GitHub issue tracker. Instead, contact an Eclipse OMR project lead via the OMR Slack workspace and a private channel will be created for the discussion. You can join the Eclipse OMR Slack workspace here if required. The project leads will follow the Eclipse Foundation policy for reporting and resolving security vulnerabilities.

Project Lead Slack Handle
Daryl Maier @0xdaryl
Mark Stoodley @mstoodle
Charlie Gracie @charliegracie

Alternatively, you may contact the Eclipse Security Team via an email to [email protected].

There aren’t any published security advisories