Add text about no bug bounties

author Suzanne Goldlust <sgoldlust@isc.org>

Thu, 13 Mar 2025 17:56:01 +0000 (17:56 +0000)

committer Petr Špaček <pspacek@isc.org>

Mon, 2 Jun 2025 07:04:20 +0000 (07:04 +0000)
author Suzanne Goldlust <sgoldlust@isc.org>
Thu, 13 Mar 2025 17:56:01 +0000 (17:56 +0000)
committer Petr Špaček <pspacek@isc.org>
Mon, 2 Jun 2025 07:04:20 +0000 (07:04 +0000)
diff --git a/SECURITY.md b/SECURITY.md

index 3998de48df5d122e9f8eb5bd5ba9f6cacdfabcb2..72cfccb164d7e3a70d5decc2877c95f95f1382d3 100644 (file)
--- a/SECURITY.md
+++ b/SECURITY.md
@@ -32,6 +32,14 @@ responsible reporters.
  If you have a crash, you may want to consult the Knowledgebase article
  entitled ["What to do if your BIND or DHCP server has crashed"][3].
  
+## Reporting bugs
+
+We are working with the interests of the greater Internet at heart, and
+we hope you are too. In that vein, we do not offer bug bounties. If you
+think you have found a bug in any ISC software, we encourage you to
+[report it responsibly][2]; if verified, we will be happy to credit you
+in our Release Notes.
+
  [1]: https://kb.isc.org/docs/aa-00861
  [2]: https://gitlab.isc.org/isc-projects/bind9/-/issues/new?description_template=Security_issue
  [3]: https://kb.isc.org/docs/aa-00340
author	Suzanne Goldlust <sgoldlust@isc.org>
	Thu, 13 Mar 2025 17:56:01 +0000 (17:56 +0000)
committer	Petr Špaček <pspacek@isc.org>
	Mon, 2 Jun 2025 07:04:20 +0000 (07:04 +0000)