StreamMaster follows a continuous deployment model. Only the latest version receives security updates.
| Version | Supported |
|---|---|
| Latest | ✅ |
| < Latest | ❌ |
We take security vulnerabilities seriously, especially given that StreamMaster handles media streams and integrates with various server platforms.
- DO NOT create a public GitHub issue for security vulnerabilities
- Please open a private security advisory through GitHub's Security tab
- Include:
- Description of the vulnerability
- Steps to reproduce
- Potential impact
- Affected versions
- Possible fixes (if known)
- Credit for responsible disclosure (if desired)
When deploying StreamMaster:
- Always use HTTPS for M3U and EPG URL imports
- Regularly update to the latest version
- Use strong authentication for admin access
Security concerns include but are not limited to:
- Authentication and authorization
- Stream access control
- Data handling and storage
- API security
- Dependencies and third-party components