Skip to content

Security: lpc76/ItChat

Security

SECURITY.md

Security Acknowledgement

Centreon is committed to the security of its product and services and is continuously improving policies, processes, and products to meet the highest standards.

We acknowledge that Centreon users and security researchers following our Centreon Security Policy to report vulnerabilities are key to the success of this commitment. If you are the first to report a confirmed vulnerability, we would like to recognize your contribution by listing your name, or the name of your organization on this page. You may obviously choose to remain anonymous.

For more details on how to report a security vulnerability, kindly check below.

Centreon reserves the right to make final decisions regarding publishing acknowledgments. Also, please be aware that only reports following our Security Policy may qualify for acknowledgement on this page.


2023

2022

2021

2020


Security Policy

Centreon takes the security of our software products seriously.

If you believe you have found a security vulnerability, please report it to us as described below.

Reporting a Vulnerability

Please do not report security vulnerabilities through public GitHub issues.

Send an email to security@centreon.com. If possible, encrypt your message with our PGP key below.

You should receive a response within 48 hours. If for some reason you do not, please follow up via email to ensure we received your original message.

To help us better understand the nature and scope of the possible issue, please describe as much as you can:

  • Type of issue (e.g. buffer overflow, SQL injection, cross-site scripting, etc.)
  • Full paths of source file(s) related to the manifestation of the issue
  • The location of the affected source code (tag/branch/commit or direct URL)
  • Any special configuration required to reproduce the issue
  • Step-by-step instructions to reproduce the issue
  • Proof-of-concept or exploit code (if possible)
  • Impact of the issue, including how an attacker might exploit the issue

Bug bounty

We don't have a bug bounty program but this is something we are thinking about.

PGP information

Public key

Tag Value
Key ID E5E57093
Key Type RSA
Key Size 4096 / 4096
Created 2024-02-22
Expires 2026-02-22
Fingerprint 0858 25F0 2FF0 24C8 FB7C  8DB3 7C26 4CA5 E5E5 7093
UserID Centreon Security security@centreon.com
-----BEGIN PGP PUBLIC KEY BLOCK-----

mQINBGXXAsoBEACrrfyAPaW9LEjbGqNfAkwbbSUo01hZgnb20ifU/S0mng6ab+SG
9QJMLT07vvS5DndT3LbSnwfQgflPBJnXTFi6f5de3k1i+nyIOg48ZT7olpyKgAcW
7qlZiDa81UtJqMI/moRxlxf/WkZNO0Cl0cixxris1g+56OhtxatXO3G6tdSyAtCZ
yaP21hU46nrcR6yims9fw/Fuc4N5gkJabADb5y+eyGqTHf7cG7NOzd+wzU9fzaRI
rtl1D4AGeJyNHhgM9nStTnQpPV2n5vfAO5vb1/waPInrilHmxRLNsMa6Y0a461Ww
k2+lI3nmWJfbrfLvpE1qmkF6yOLqbOkFb0YzT6Bd35a81yEnE1n7h80hh+XPoCSu
Kj5v//YxwIxfVv5V2wFjslUFNx5pPv3R0/YQvR+Bz3TI2oITnFjAlgTNamgXoYGe
6C+VPHSqV3Us5gjmth/Le1ciwuLyJ+DM6Wsxc565NLcVOS4E9UWPMPp8rnmC3Y9q
I7bBMgA3qbktce3TC0uxnXNtDEIdeOqYQ2zywffx9Am8lLYrwQlA8teC1e8fad2W
J7CNGYhS7WFCnBE5PrtuxWFYk0D6j0lFvsLs5Al3X8S0K9L22bo3vVE9aLzkS2rv
cdgviN/EEth0uQLk04LQi6zyQTzTyb29lPIVtDIevmvqwbrrwexAHqi9NQARAQAB
tClDZW50cmVvbiBTZWN1cml0eSA8c2VjdXJpdHlAY2VudHJlb24uY29tPokCVAQT
AQgAPhYhBAhYJfAv8CTI+3yNs3wmTKXl5XCTBQJl1wLKAhsDBQkDw7chBQsJCAcC
BhUKCQgLAgQWAgMBAh4BAheAAAoJEHwmTKXl5XCTZT4P/iCHRktDqERYTiRaGqQ7
zaYuadqxzrzQ/U9KzdhOdzm6sKATL/vW1pA3A4avzXCtcROCdIG+opIQW0VhOjXb
pGDrhgih39Ybk/8Bn2Y0TkqiYja0T2R9j8LF5Eyh9C+MpDXe7JnQtQYlJWFEBGCQ
Jotlhn70I6ALff6iciLu7jRJ+YPS+DYSzo6f6IsnRbLwuXtUfDUauQ0lEgSB+tf9
TbamNCa1islr1uIWAviIUE3L9yuut/cm2kfIbKhNvuoUQCMfxk0PwOLtKb27hSlY
75HYTKLXT1pAR2jJ2Cnog2au16cj8xP7zVeiKjlAC3GLajd0Gaa/eb82qBzCHy7g
mVxY3oXqadj1N3e6yxkc6HFkW+AaeeD+0k6N5OaVAayM7jJkjUfaQRcxEyIzLBV2
sQlNf8BC0rEgjmzANqAL3foImRSee7xalFM0YX43PwHyYb2eRvRcPqqDrUYOguyE
WNEL0Bue7BcajyUcf8PejeBztW7I06BB8gvNhnlPElZD/NqmnZPmEMlB0YwNCz+A
JqCdRfhKZyrX/8Do7mtQGz8Tj7FtlIr60Uhe74tgU9ep2lyR5h4HHdmsZoCjYyVd
XoYhBichbvI1icqvom8c8pSM0zt6cBAv6dyqrgb/bVeJH8G4JFrfV7+w9c2qarqc
6ClynUoREldhwzvttj7+4ZwYuQINBGXXAsoBEACxr4GmHkDQPOw1RCCFjeDqIJPV
r+G4G04Rs6RQwEF7P4CBXzULOle/ByCqQ9WOteO1iiQsnSXDSIjVT8sj7FCHntMv
YMGk/AAQC85RY2KwLH+0hA01zKyvWMyW3kbI8h3LKeNbQmXOvZkjhWfEUfUVrS85
GQXqSnDD1ogQl3DeBrKDPf1DNbxrteaCNppZODH3OssV+jUHmDhTTLfxvvkLni+4
NiWmkYGnK38NxzixNEWS8GmdUba9nuA2VbmB0esOaBTxJNGEOIQnCrQ2ckEEvdfQ
t4w3eyedTMhDhiPnelVXTRcyOTM9i62/40fy9RUOS/OJlrCuExREKIm7sUWXHc6C
JnmYw8I2mi4mhyTejB3QfKljFSUF6FUwh3DRgNPDEVxn5wr/IjE0GqEh5OgfJbEm
6TB9kHcOSiUWd5RdKwtBdon4Gvft+ZsyaajkyFk3Lz9EULMF5gBMOFYHTodO6G94
thAp6ouYwSkoFnS/1z46rbdzfPjzFdhWyYpS/b5rqJBuSuLqf9t332R0vZkwBCmg
S9n+HyTcOyrSwpFl16Xd/cFzamHCFfe+gLGvgGf6phAm+OBgZtzpdzHXymBdW/u+
vZvIQcXMoHri6TrXy8OQb0T2zmdAADblEfPVRzvldSEKrna1PwfDK5Ef0mu+pj6z
HJrvsxf/xN9VXzww9QARAQABiQI8BBgBCAAmFiEECFgl8C/wJMj7fI2zfCZMpeXl
cJMFAmXXAsoCGwwFCQPDtyEACgkQfCZMpeXlcJMN2g/+MtSUNNT5MjJKzkqEInYB
H3sEB5J01Ag4ecpwdLR2c/t4izC9JRVFy90FQy23U0F8h9nHDmK1SPoSAKe5uoPf
NE5MGpNCzd66qZeG6c+wCow3sED3yAAHgG0mWSAwq5s5kRb481VtCpjdnLqS+bcy
6mmWsB/eeXoLFJ9pARSQTW53IGef+51d+a8CCl/RlWMNhAL0jJrpm6YH42jXU7ax
EnFnlpEOTVnPgQ3wze+JFeay2UPTkH1FaQgzjfEfBda/Hy3PikWa2+bgElb36r8b
/q4zbSiR+g/CyzI3RHChU2iTUJ+pj3tNusvZSiLWL1CmlS8ZjvPdapnoa/4THHwf
Hgfrl3sl9qvV4Oxj94WfPxXC18g2Xb3weC1OP2bP78EEsE660fqQdFEm1wZL86u8
ay7Hi+9JXn8yl8/zlMKuDrfm4iNLzqEtiOmp3hgGAVr62QuxCE+vjCWO68908IqU
1fNhJnqeRXkhGRrmUuMlLES5InJsUFS6V1qXZzYRJr9o0fuiULnAzsPDEy4awo96
X3ANq5hI6rXvb3s0OXZl5COdFXLf+KUQkvsJcu7U488Ahcl+EGRtEcijR4KPBuf8
SXTDxTgzlKzAFtoL83ZE0M/X6VH9CuMV2UD85Stz3NZ3KeCiIk7OS5RG/7mddJpP
eSSEi1kkF91KqDph80NgNbw=
=f7CG
-----END PGP PUBLIC KEY BLOCK-----

There aren’t any published security advisories