fuzz: add a note on reporting security bugs to HACKING

author Jonathan Rudenberg <jonathan@titanous.com>

Thu, 18 Jan 2018 03:41:57 +0000 (22:41 -0500)

committer Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl>

Fri, 19 Jan 2018 22:07:24 +0000 (09:07 +1100)
author Jonathan Rudenberg <jonathan@titanous.com>
Thu, 18 Jan 2018 03:41:57 +0000 (22:41 -0500)
committer Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl>
Fri, 19 Jan 2018 22:07:24 +0000 (09:07 +1100)
diff --git a/HACKING b/HACKING

index 551216b..8c72bdd 100644 (file)
--- a/HACKING
+++ b/HACKING
@@ -103,6 +103,9 @@ GitHub) and then running these commands:
          python infra/helper.py build_fuzzers --sanitizer memory systemd
          python infra/helper.py run_fuzzer systemd fuzz-foo
  
+If you find a bug that impacts the security of systemd, please follow the
+guidance in .github/CONTRIBUTING.md on how to report a security vulnerability.
+
  For more details on building fuzzers and integrating with OSS-Fuzz, visit:
  
          https://github.com/google/oss-fuzz/blob/master/docs/new_project_guide.md
author	Jonathan Rudenberg <jonathan@titanous.com>
	Thu, 18 Jan 2018 03:41:57 +0000 (22:41 -0500)
committer	Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl>
	Fri, 19 Jan 2018 22:07:24 +0000 (09:07 +1100)