curl / Mailing Lists / curl-library / Single Mail

curl-library

Re: bug bounty reward amounts

From: Daniel Stenberg via curl-library <curl-library_at_cool.haxx.se>
Date: Sat, 29 Sep 2018 15:18:06 +0200 (CEST)

On Fri, 28 Sep 2018, Daniel Stenberg via curl-library wrote:

> I think it might help us to attract more security researchers if we spell
> out exactly how much money we intend to pay as rewards for potential finds -
> especially now when have gotten pledges for a notable sum to use for this.
> Here's a proposal from me.

I created a pull-request[1] with this proposal converted to documentation.
I'll appreciate your input!

You can view that markdown file[2] straight from the PR if you want.

[1] = https://github.com/curl/curl/pull/3067
[2] =
https://github.com/curl/curl/blob/c8b4df544058fdbfcbe709e85b75b4ddcdba7cad/docs/BUG-BOUNTY.md

-- 
  / daniel.haxx.se
-------------------------------------------------------------------
Unsubscribe: https://cool.haxx.se/list/listinfo/curl-library
Etiquette:   https://curl.haxx.se/mail/etiquette.html

Received on 2018-09-29

This message: [ Message body ]
Next message: Daniel Stenberg via curl-library: "Re: Can I use libcurl to get full lists of directory"
Previous message: Daniel Stenberg via curl-library: "bug bounty reward amounts"
In reply to: Daniel Stenberg via curl-library: "bug bounty reward amounts"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]