We currently support the following versions with security updates:
| Version | Supported |
|---|---|
| Latest | β Yes |
| < 1.0 | β No |
We take the security of PyTorch Teaching seriously. If you discover a security vulnerability, please follow these steps:
DO NOT create a public GitHub issue for security vulnerabilities.
Instead, please report security vulnerabilities by:
- Email: Send details to the repository maintainers
- GitHub Security Advisories: Use the "Security" tab on GitHub
When reporting a vulnerability, please include:
- π Type of vulnerability
- π Detailed description
- π― Steps to reproduce
- π₯ Potential impact
- π οΈ Suggested fix (if available)
- π§ Your contact information
- Initial Response: Within 48 hours
- Status Update: Within 7 days
- Fix Timeline: Depends on severity
- π΄ Critical: Within 24-48 hours
- π High: Within 7 days
- π‘ Medium: Within 30 days
- π’ Low: Next release cycle
When using this repository:
- β Always use the latest version
- β Keep PyTorch and dependencies updated
- β Use virtual environments
- β Don't run untrusted code
- β Validate data sources
- β Use HTTPS for downloads
- β Review code for security issues
- β Don't commit secrets or credentials
- β
Use
.gitignoreproperly - β Sanitize user inputs
- β Follow secure coding practices
- β Test security fixes thoroughly
-
Code Injection
- Command injection
- Code execution vulnerabilities
-
Data Security
- Exposure of sensitive data
- Insecure data handling
-
Dependencies
- Vulnerable packages
- Outdated libraries
-
Access Control
- Unauthorized access
- Permission issues
- π PyTorch Security
- π Python Security Best Practices
- π OWASP Top 10
We recognize and thank security researchers who responsibly disclose vulnerabilities:
No security issues reported yet.
When we receive a security report:
- β We confirm receipt within 48 hours
- π We investigate and validate the issue
- π οΈ We develop and test a fix
- π’ We release the fix
- ποΈ We credit the reporter (if desired)
- Security patches are released as soon as possible
- Critical vulnerabilities may result in immediate releases
- Users are notified through:
- GitHub Security Advisories
- Release notes
- README updates
Thank you for helping keep PyTorch Teaching safe! π
If you have questions about security, please contact the maintainers.