Only the latest release of CC Switch receives security updates.
仅最新版本的 CC Switch 会收到安全更新。
| Version / 版本 | Supported / 是否支持 |
|---|---|
| Latest 3.x | ✅ Yes / 是 |
| < 3.0 | ❌ No / 否 |
Please do NOT report security vulnerabilities through public GitHub issues.
请不要通过公开的 GitHub Issue 报告安全漏洞。
Instead, please report them through GitHub Security Advisories.
请通过 GitHub 安全公告 进行报告。
When reporting, please include:
报告时请包含以下信息:
- A description of the vulnerability / 漏洞描述
- Steps to reproduce / 复现步骤
- Potential impact / 潜在影响
- Affected versions / 受影响版本
- Acknowledgment / 确认: within 48 hours / 48 小时内
- Initial assessment / 初步评估: within 7 days / 7 天内
- Fix for critical issues / 关键问题修复: within 14 days / 14 天内
We follow a coordinated disclosure process:
我们遵循协调披露流程:
- The reporter submits the vulnerability privately. / 报告者私下提交漏洞。
- We confirm and work on a fix. / 我们确认并修复漏洞。
- A patch release is published. / 发布修复版本。
- The vulnerability is publicly disclosed. / 公开披露漏洞详情。
Reporters will be credited in the release notes unless they prefer to remain anonymous.
除非报告者希望匿名,否则将在发布说明中致谢。
Security fixes are released as patch versions and announced via GitHub Releases. We recommend always updating to the latest version.
安全修复通过补丁版本发布,并通过 GitHub Releases 通知。建议始终更新到最新版本。