1
0
mirror of https://github.com/moparisthebest/curl synced 2024-11-11 12:05:06 -05:00
Commit Graph

15 Commits

Author SHA1 Message Date
Daniel Stenberg
6703eb2f4c
SECURITY-PROCESS: disclose on hackerone
Once a vulnerability has been published, the hackerone issue should be
disclosed. For tranparency.

Closes #6275
2020-12-03 22:29:34 +01:00
Daniel Stenberg
4d2f800677
curl.se: new home
Closes #6172
2020-11-04 23:59:47 +01:00
H3RSKO
3d221409e2
docs: change "web site" to "website"
According to wikipedia:

 While "web site" was the original spelling, this variant has become
 rarely used, and "website" has become the standard spelling

Closes #5822
2020-08-17 00:14:18 +02:00
Daniel Stenberg
b4988286a9
SECURITY-PROCESS: fix links [ci skip] 2019-05-11 17:50:37 +02:00
Reed Loden
361f9957cb
docs: minor polish to the bug bounty / security docs
Closes #3811
2019-04-29 08:09:10 +02:00
Daniel Stenberg
10e4dd6a7b
docs/BUG-BOUNTY: bug bounty time [skip ci]
Introducing the curl bug bounty program on hackerone. We now recommend
filing security issues directly in the hackerone ticket system which
only is readable to curl security team members.

Assisted-by: Daniel Gustafsson

Closes #3488
2019-04-22 17:19:19 +02:00
Daniel Stenberg
4a01a20bdb
SECURITY-PROCESS: bountygraph shuts down
This backpedals back the documents to the state before bountygraph.

Closes #3311
2018-11-30 22:50:36 +01:00
Daniel Stenberg
1a0cf36fbf
docs/SECURITY-PROCESS: the hackerone IBB program drops curl
... now there's only BountyGraph.
2018-10-17 08:02:37 +02:00
Daniel Gustafsson
e9605dbda2 SECURITY-PROCESS: make links into hyperlinks
Use proper Markdown hyperlink format for the Bountygraph links in order
for the generated website page to be more user friendly. Also link to
the sponsors to give them a little extra credit.

Closes #3082
Reviewed-by: Daniel Stenberg <daniel@haxx.se>
2018-10-03 10:17:09 +02:00
Daniel Stenberg
3cae1cd699
SECURITY-PROCESS: mention the bountygraph program [ci skip]
Closes #3032
2018-09-22 12:00:00 +02:00
Viktor Szakats
420087bb30 secure Openwall URLs 2018-09-14 18:48:35 +00:00
Daniel Stenberg
a040ff88e4
docs/SECURITY-PROCESS: now we name the files after the CVE id 2018-08-20 11:49:58 +02:00
Daniel Stenberg
29b78a537f
docs/SECURITY-PROCESS: mention bounty, drop pre-notify
+ The hackerone bounty and its process

- We don't and can't handle pre-notification
2018-07-12 12:32:54 +02:00
Daniel Stenberg
a857057536
SECURITY-PROCESS: mention how we write/add advisories 2018-03-14 14:20:24 +01:00
Daniel Stenberg
029ae11034
docs/SECURITY.md -> docs/SECURITY-PROCESS.md 2018-03-11 23:41:50 +01:00