php-src/SECURITY.md

# Reporting Security Issues

Please report security vulnerabilities on GitHub at:
<https://github.com/php/php-src/security/advisories/new>

If for some reason you cannot use the form at GitHub, or you need to talk to
somebody about a PHP security issue that might not be a bug report, please write
to <security@php.net>.

Vulnerability reports remain private until published. When published, you will
be credited as a contributor, and your contribution will reflect the MITRE
Credit System.

# Vulnerability Policy

Our full policy is described at
https://github.com/php/policies/blob/main/security-classification.rst
Move most of this to https://github.com/php/policies as per Policies RFC 2024-01-31 01:31:55 +08:00			`# Reporting Security Issues`
Update to use GitHub security issue reporting 2023-02-16 10:53:16 +08:00
			`Please report security vulnerabilities on GitHub at:`
			`<https://github.com/php/php-src/security/advisories/new>`

			`If for some reason you cannot use the form at GitHub, or you need to talk to`
			`somebody about a PHP security issue that might not be a bug report, please write`
			`to <security@php.net>.`

			`Vulnerability reports remain private until published. When published, you will`
			`be credited as a contributor, and your contribution will reflect the MITRE`
			`Credit System.`

Move most of this to https://github.com/php/policies as per Policies RFC 2024-01-31 01:31:55 +08:00			`# Vulnerability Policy`
Update to use GitHub security issue reporting 2023-02-16 10:53:16 +08:00
Move most of this to https://github.com/php/policies as per Policies RFC 2024-01-31 01:31:55 +08:00			`Our full policy is described at`
			`https://github.com/php/policies/blob/main/security-classification.rst`