[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Savannah-help-public] Re: [ft-devel] Procedure for reporting a poss
|
From: |
Sylvain Beucler |
|
Subject: |
Re: [Savannah-help-public] Re: [ft-devel] Procedure for reporting a possible security vulnerability |
|
Date: |
Sat, 20 Mar 2010 07:59:58 +0100 |
|
User-agent: |
Mutt/1.5.20 (2009-06-14) |
Hey,
On Sat, Mar 20, 2010 at 07:42:48AM +0100, Werner LEMBERG wrote:
>
> > I have received a report of a possible security vulnerability
> > that I need to pass on to the freetype developers for investigation.
>
> Please report it to me privately.
>
> > There doesn't seem to be a specific place to report security
> > problems to, and the tracker on Savannah
> > (https://savannah.nongnu.org/bugs/?func=additem&group=freetype)
> > doesn't have a way (that I can see) to make an issue
> > private/confidential.
>
> Indeed. Savannah guys, how should this be managed correctly? In case
> there isn't a proper infrastructure it should be added IMHO as soon as
> possible.
You'll want to add the 'Privacy' field to your tracker.
I believe your team trimmed it to the minimum ;)
https://savannah.nongnu.org/bugs/admin/field_usage.php?group=freetype
--
Sylvain