diff options
Diffstat (limited to 'docs/BUG-BOUNTY.md')
| -rw-r--r-- | docs/BUG-BOUNTY.md | 4 |
1 files changed, 4 insertions, 0 deletions
diff --git a/docs/BUG-BOUNTY.md b/docs/BUG-BOUNTY.md index 896d82568..813cc5fc1 100644 --- a/docs/BUG-BOUNTY.md +++ b/docs/BUG-BOUNTY.md @@ -38,6 +38,10 @@ Bounties need to be requested within twelve months from the publication of the vulnerability. + The vulnerabilities must not have been made public before August 1st, 2018. + We do not retroactively pay for old, already known and published security + problems. + ## Product vulnerabilities only The bug bounty only concerns the curl and libcurl products and thus their |