security: encourage reporting vulnerabilities through huntr.dev (#6811)

[skip ci]
author: Joe Chen <jc@unknwon.io> 2022-03-06 20:13:56 +0800
committer: GitHub <noreply@github.com> 2022-03-06 20:13:56 +0800
commit: 36102f168938244624a5cf843d455f057f50779a (patch)
tree: 5cfc38f216ae363bca693d0b8598dbc264faef48 /SECURITY.md
parent: e452d94fc842da6623c8fde67b9d71a1ee739f0a (diff)
1 files changed, 6 insertions, 3 deletions
diff --git a/SECURITY.md b/SECURITY.md
index 01c5e5e8..cd4e7609 100644
--- a/SECURITY.md
+++ b/SECURITY.md
@@ -2,9 +2,12 @@
 
 ## Supported versions
 
-Only lastest two minor version releases are supported for patching security fixes.
+Only lastest two minor version releases are supported for accepting vulnerability reports and patching for fixes.
 
 ## Reporting a vulnerability
 
-Please create a dummy issue with high-level description of the security vulnerability,
-then report details to [security@gogs.io](mailto:security@gogs.io) privately, thank you!
+Please create a dummy issue with high-level description of the security vulnerability, then report details to [security@gogs.io](mailto:security@gogs.io) privately.
+
+We strongly enourage to use https://huntr.dev/ for submitting and managing status of vulnerability reports instead of emails.
+
+Thank you!
author	Joe Chen <jc@unknwon.io>	2022-03-06 20:13:56 +0800
committer	GitHub <noreply@github.com>	2022-03-06 20:13:56 +0800
commit	36102f168938244624a5cf843d455f057f50779a (patch)
tree	5cfc38f216ae363bca693d0b8598dbc264faef48 /SECURITY.md
parent	e452d94fc842da6623c8fde67b9d71a1ee739f0a (diff)