romenskiy2012/curl
1
0
Fork 0
mirror of https://github.com/curl/curl.git synced 2026-06-02 03:14:15 +03:00
Code Issues Projects Releases Packages Wiki Activity

VULN-DISCLOSURE-POLICY.md: emphasize the no email thank you part

Browse source 
Closes #21747
This commit is contained in:
Daniel Stenberg 2026-05-26 09:09:24 +02:00
parent 230a986636
commit a4d8fd7a2a
No known key found for this signature in database
GPG key ID: 5CC908FDB71E12C2
1 changed files with 4 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

4
docs/VULN-DISCLOSURE-POLICY.md
View file

@ -36,6 +36,10 @@ announcement.
[HackerOne](https://hackerone.com/curl). Issues filed there reach a handful
of selected and trusted people.
- The curl project cannot handle vulnerability reports sent to us over email.
We lose track of the reports. We cannot easily disclose them. Please do not
send us reports over email.
- Messages that do not relate to the reporting or managing of an undisclosed
security vulnerability in curl or libcurl are ignored and no further action
is required.