diff options
author | Daniel Stenberg <daniel@haxx.se> | 2018-10-12 09:11:54 +0200 |
---|---|---|
committer | Daniel Stenberg <daniel@haxx.se> | 2018-10-12 09:12:44 +0200 |
commit | aaab08311baf21b8e0f85a077d25b70d79103767 (patch) | |
tree | 9c33c761beba88f1dbd292bb4f0a1858f3043240 /docs/BUG-BOUNTY.md | |
parent | a47a264492a528a6e7bca8bf9bbf438a1b6ba780 (diff) | |
download | curl-aaab08311baf21b8e0f85a077d25b70d79103767.tar.gz |
docs/BUG-BOUNTY.md: for vulns published since Aug 1st 2018
[ci skip]
Diffstat (limited to 'docs/BUG-BOUNTY.md')
-rw-r--r-- | docs/BUG-BOUNTY.md | 4 |
1 files changed, 4 insertions, 0 deletions
diff --git a/docs/BUG-BOUNTY.md b/docs/BUG-BOUNTY.md index 896d82568..813cc5fc1 100644 --- a/docs/BUG-BOUNTY.md +++ b/docs/BUG-BOUNTY.md @@ -38,6 +38,10 @@ Bounties need to be requested within twelve months from the publication of the vulnerability. + The vulnerabilities must not have been made public before August 1st, 2018. + We do not retroactively pay for old, already known and published security + problems. + ## Product vulnerabilities only The bug bounty only concerns the curl and libcurl products and thus their |