curl/SECURITY.md

<!--
Copyright (C) Daniel Stenberg, <daniel@haxx.se>, et al.

SPDX-License-Identifier: curl
-->

# Security Policy

Read our [Vulnerability Disclosure Policy](docs/VULN-DISCLOSURE-POLICY.md).

## Reporting a Vulnerability

If you have found or just suspect a security problem somewhere in curl or
libcurl, report it on [HackerOne](https://hackerone.com/curl).

We treat security issues with confidentiality until controlled and disclosed responsibly.
copyright: make repository REUSE compliant Add licensing and copyright information for all files in this repository. This either happens in the file itself as a comment header or in the file `.reuse/dep5`. This commit also adds a Github workflow to check pull requests and adapts copyright.pl to the changes. Closes #8869 2022-05-17 12:16:50 +03:00			`<!--`
copyright: update all copyright lines and remove year ranges - they are mostly pointless in all major jurisdictions - many big corporations and projects already don't use them - saves us from pointless churn - git keeps history for us - the year range is kept in COPYING checksrc is updated to allow non-year using copyright statements Closes #10205 2023-01-02 15:51:48 +03:00			`Copyright (C) Daniel Stenberg, <daniel@haxx.se>, et al.`
copyright: make repository REUSE compliant Add licensing and copyright information for all files in this repository. This either happens in the file itself as a comment header or in the file `.reuse/dep5`. This commit also adds a Github workflow to check pull requests and adapts copyright.pl to the changes. Closes #8869 2022-05-17 12:16:50 +03:00
SECURITY.md: minor rephrase Closes #5158 2020-03-28 03:34:51 +03:00			`SPDX-License-Identifier: curl`
copyright: make repository REUSE compliant Add licensing and copyright information for all files in this repository. This either happens in the file itself as a comment header or in the file `.reuse/dep5`. This commit also adds a Github workflow to check pull requests and adapts copyright.pl to the changes. Closes #8869 2022-05-17 12:16:50 +03:00			`-->`

SECURITY.md: created Brief security policy description for use/display on github. 2019-06-10 11:16:02 +03:00			`# Security Policy`

SECURITY-PROCESS.md. call it vulnerability disclosure policy SECURITY-PROCESS.md -> VULN-DISCLOSURE-POLICY.md This a name commonly used for a document like this. This name helps users find it. Closes #11852 2023-09-14 17:41:19 +03:00			`Read our [Vulnerability Disclosure Policy](docs/VULN-DISCLOSURE-POLICY.md).`
SECURITY.md: created Brief security policy description for use/display on github. 2019-06-10 11:16:02 +03:00
			`## Reporting a Vulnerability`

docs: spellfixes Pointed by the new CI job 2022-09-21 00:30:19 +03:00			`If you have found or just suspect a security problem somewhere in curl or`
			`libcurl, report it on [HackerOne](https://hackerone.com/curl).`
SECURITY.md: created Brief security policy description for use/display on github. 2019-06-10 11:16:02 +03:00
SECURITY.md: minor rephrase Closes #5158 2020-03-28 03:34:51 +03:00			`We treat security issues with confidentiality until controlled and disclosed responsibly.`