mirror of
https://github.com/moparisthebest/curl
synced 2024-08-13 17:03:50 -04:00
SECURITY-PROCESS: disclose on hackerone
Once a vulnerability has been published, the hackerone issue should be disclosed. For tranparency. Closes #6275
This commit is contained in:
parent
753a2c758a
commit
6703eb2f4c
@ -125,6 +125,14 @@ Publishing Security Advisories
|
|||||||
6. On security advisory release day, push the changes on the curl-www
|
6. On security advisory release day, push the changes on the curl-www
|
||||||
repository's remote master branch.
|
repository's remote master branch.
|
||||||
|
|
||||||
|
Hackerone
|
||||||
|
---------
|
||||||
|
|
||||||
|
Request the issue to be disclosed. If there are sensitive details present in
|
||||||
|
the report and discussion, those should be redacted from the disclosure. The
|
||||||
|
default policy is to disclose as much as possible as soon as the vulnerability
|
||||||
|
has been published.
|
||||||
|
|
||||||
Bug Bounty
|
Bug Bounty
|
||||||
----------
|
----------
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user