From e10db122a2ec085a4324f1addfa948838d5339fa Mon Sep 17 00:00:00 2001
From: Daniel Stenberg <daniel@haxx.se>
Date: Fri, 7 Apr 2017 13:33:08 +0200
Subject: BUGS: "Bugs in old versions"

---
 docs/BUGS | 33 +++++++++++++++++++++++++++++++++
 1 file changed, 33 insertions(+)

diff --git a/docs/BUGS b/docs/BUGS
index 2936c5494..12714cc17 100644
--- a/docs/BUGS
+++ b/docs/BUGS
@@ -14,6 +14,7 @@ BUGS
   1.5 Who will fix the problems
   1.6 How to get a stack trace
   1.7 Bugs in libcurl bindings
+  1.8 Bugs in old versions
 
  2. Bug fixing procedure
  2.1 What happens on first filing
@@ -153,6 +154,38 @@ BUGS
   please convert your program over to plain C and follow the steps outlined
   above.
 
+1.8 Bugs in old versions
+
+  The curl project typically releases new versions every other month, and we
+  fix several hundred bugs per year. For a huge table of releases, number of
+  bug fixes and more, see: https://curl.haxx.se/docs/releases.html
+
+  The developers in the curl project do not have bandwidth or energy enough to
+  maintain several branches or to spend much time on hunting down problems in
+  old versions when chances are we already fixed them or at least that they've
+  changed nature and appearance in later versions.
+
+  When you experience a problem and want to report it, you really SHOULD
+  include the version number of the curl you're using when you experience the
+  issue. If that version number shows us that you're using an out-of-date
+  curl, you should also try out a modern curl version to see if the problem
+  persists or how/if it has changed in apperance.
+
+  Even if you cannot immediately upgrade your application/system to run the
+  latest curl version, you can most often at least run a test version or
+  experimental build or similar, to get this confirmed or not.
+
+  At times people insist that they cannot upgrade to a modern curl version,
+  but instead they "just want the bug fixed". That's fine, just don't count on
+  us spending many cycles on trying to identify which single commit, if that's
+  even possible, that at some point in the past fixed the problem you're now
+  experiencing.
+
+  Security wise, it is almost always a bad idea to lag behind the current curl
+  versions by a lot. We keeping discovering and reporting security problems
+  over time see you can see in this table:
+  https://curl.haxx.se/docs/vulnerabilities.html
+
 2. Bug fixing procedure
 
 2.1 What happens on first filing
-- 
cgit v1.2.1