Scope
This page describes when and how we release security bug fixes for our products.
Severity Codes:
Critical | The add-on is completely down – Business cannot continue. |
High | Part of the add-on not functioning – Business affected. |
Medium | Minor fault / – minimum business affected. |
Low | Minor fault/cosmetic fault – business not affected. |
Security Bugfix Service Level Agreement (SLA)
We attempt to meet the following timeframes for fixing security issues.
- Critical severity bugs bugs should be fixed in the product within 4 weeks of within 1 week of being reported.
- High severity bugs bugs should be fixed in the product within 6 within 2 weeks of being reported.
- Medium severity bugs bugs should be fixed in the product within 3 weeks of being reported.
- Low severity bugs should be fixed in the product within 8 within 4 weeks of being reported.
Critical vulnerabilities
When a Critical security vulnerability is discovered Infosysta will do all of the following:
- Issue a new, fixed release for the current version of the affected product as soon as possible.