ISC treats the security of its software products very seriously. ISC's Security Vulnerability Disclosure Policy is documented in the relevant ISC KnowledgeBase article.
To report a security vulnerability, please follow this instruction.
Briefly, we prefer that you open a confidential GitLab issue (not Github). The GitLab issue creates a record, is visible to all ISC engineers, and provides a shared communication channel with the reporter.
If it is not possible to create a GitLab issue, then send e-mail (encrypted if possible) to stork-security@isc.org.
Please do not discuss undisclosed security vulnerabilities on any public mailing list. ISC has a long history of handling reported vulnerabilities promptly and effectively and we respect and acknowledge responsible reporters.
If you have a crash, you may want to consult the KnowledgeBase article entitled "What to do if your Stork has crashed".
Stork currently has no stable versions, and all releases are considered development ones. Only the last development version is supported:
Version | Supported | End-Of-Life |
---|---|---|
latest 1.x.0 | ✅ | on release of 1.(x+1).0 |
1.16.0 | ❌ | 2024 June 12 |
1.15.1 | ❌ | 2024 April 5 |
earlier | ❌ |
The first stable version will be 2.0.0. Stable versions, denoted with even minor numbers, will be supported for at least 6 months. Development versions will reach EOL as soon as the next development or stable version is released.
Limited past EOL support may be available to higher tier customers. Please contact ISC sales, using the contact form.
The Past advisories for Stork can be found on the KnowledgeBase.
On the left hand panel, see the Security Advisories
in the Stork
section.