docs/BUG-BOUNTY: bug bounty time [skip ci]

Introducing the curl bug bounty program on hackerone. We now recommend filing security issues directly in the hackerone ticket system which only is readable to curl security team members. Assisted-by: Daniel Gustafsson Closes #3488
author: Daniel Stenberg <daniel@haxx.se> 2019-04-20 12:19:47 +0200
committer: Daniel Stenberg <daniel@haxx.se> 2019-04-22 17:19:19 +0200
commit: 10e4dd6a7b3b2bc512223c4d94607f12443aab9f (patch)
tree: 4664f43185a3b02f85c5bb0af65d2d4b104e363c /README.md
parent: eb84ca3ea8f793ecbedf7865c41a8d1b9f59efb7 (diff)
download: curl-10e4dd6a7b3b2bc512223c4d94607f12443aab9f.tar.gz
1 files changed, 5 insertions, 0 deletions
diff --git a/README.md b/README.md
index 70764357f..d8d6c0e6d 100644
--- a/README.md
+++ b/README.md
@@ -50,6 +50,11 @@ To download the very latest source from the Git server do this:
 
 (you'll get a directory named curl created, filled with the source code)
 
+## Security problems
+
+Report supected security problems on [our hackerone
+page](https://hackerone.com/curl) and not in public!
+
 ## Notice
 
 Curl contains pieces of source code that is Copyright (c) 1998, 1999 Kungliga
author	Daniel Stenberg <daniel@haxx.se>	2019-04-20 12:19:47 +0200
committer	Daniel Stenberg <daniel@haxx.se>	2019-04-22 17:19:19 +0200
commit	10e4dd6a7b3b2bc512223c4d94607f12443aab9f (patch)
tree	4664f43185a3b02f85c5bb0af65d2d4b104e363c /README.md
parent	eb84ca3ea8f793ecbedf7865c41a8d1b9f59efb7 (diff)
download	curl-10e4dd6a7b3b2bc512223c4d94607f12443aab9f.tar.gz