Mercurial > vim
comparison SECURITY.md @ 32717:b807b0aa8e1f
Add security policy (#12687)
Commit: https://github.com/vim/vim/commit/6ec7808c4a469d1fe22101f75e4d9abc269823a6
Author: Santos Gallegos <stsewd@proton.me>
Date: Wed Aug 9 13:11:37 2023 -0500
Add security policy (https://github.com/vim/vim/issues/12687)
* Add security policy
Currently is hard to find where to report security issues,
the only mention of it is in the issue template.
https://github.com/vim/vim/blob/4c0089d696b8d1d5dc40568f25ea5738fa5bbffb/.github/ISSUE_TEMPLATE/bug_report.yml?plain=1#L12-L15
Adding a SECURITY.md file will make it easier to find,
it will be displayed in https://github.com/vim/vim/security.
* Mention that reports are private
author | Christian Brabandt <cb@256bit.org> |
---|---|
date | Wed, 09 Aug 2023 20:15:05 +0200 |
parents | |
children | 965ed6e19279 |
comparison
equal
deleted
inserted
replaced
32716:9b54615d2328 | 32717:b807b0aa8e1f |
---|---|
1 # Security Policy | |
2 | |
3 ## Reporting a vulnerability | |
4 | |
5 If you want to report a security issue, please use [huntr.dev](https://huntr.dev/bounties/disclose?target=https%3A%2F%2Fgithub.com%2Fvim%2Fvim) to privately disclose the issue to us. | |
6 They also have rewards in the form of money, swag and CVEs. | |
7 | |
8 **Please don't publicly disclose the issue until it has been addressed by us.** |