mirror/curl
2
0
Fork 0
mirror of https://github.com/curl/curl.git synced 2025-04-12 16:20:35 +08:00
Code Issues Packages Projects Releases Wiki Activity

docs: link to the website versions instead of markdowns

Browse Source 
... to make the links work when the markdown is converted to webpages on
https://curl.se

Reported-by: Maurício Meneghini Fauth
Fixes https://github.com/curl/curl-www/issues/272
Closes #11569
This commit is contained in:
Daniel Stenberg 2023-08-01 23:38:16 +02:00
parent 00f8f9c22b
commit fc1e42190f
No known key found for this signature in database
GPG Key ID: 5CC908FDB71E12C2
3 changed files with 9 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
docs/BUG-BOUNTY.md
View File

@ -11,8 +11,8 @@ HackerOne program](https://hackerone.com/curl).
After you have reported a security issue, it has been deemed credible, and a
patch and advisory has been made public, you may be eligible for a bounty from
this program. See the [SECURITY-PROCESS](SECURITY-PROCESS.md) document for how
we work with security issues.
this program. See the [Security Process](https://curl.se/dev/secprocess.html)
document for how we work with security issues.
## What are the reward amounts?

10
docs/SECURITY-ADVISORY.md
View File

@ -1,10 +1,10 @@
# Anatomy of a curl security advisory
As described in the `SECURITY-PROCESS.md` document, when a security
vulnerability has been reported to the project and confirmed, we author an
advisory document for for the issue. It should ideally be written in
cooperation with the reporter to make sure all the angles and details of the
problem are gathered and described correctly and succinctly.
As described in the [Security Process](https://curl.se/dev/secprocess.html)
document, when a security vulnerability has been reported to the project and
confirmed, we author an advisory document for for the issue. It should ideally
be written in cooperation with the reporter to make sure all the angles and
details of the problem are gathered and described correctly and succinctly.
## New document

3
docs/SECURITY-PROCESS.md
View File

@ -56,7 +56,8 @@ announcement.
problem is, its impact, which versions it affects, solutions or workarounds,
when the release is out and make sure to credit all contributors properly.
Figure out the CWE (Common Weakness Enumeration) number for the flaw. See
[SECURITY-ADVISORY](SECURITY-ADVISORY.md) for help on creating the advisory.
[SECURITY-ADVISORY](https://curl.se/dev/advisory.html) for help on creating
the advisory.
- Request a CVE number from
[HackerOne](https://docs.hackerone.com/programs/cve-requests.html)