[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [ft-devel] Procedure for reporting a possible security vulnerability
From: |
Werner LEMBERG |
Subject: |
Re: [ft-devel] Procedure for reporting a possible security vulnerability |
Date: |
Sat, 20 Mar 2010 07:42:48 +0100 (CET) |
> I have received a report of a possible security vulnerability
> that I need to pass on to the freetype developers for investigation.
Please report it to me privately.
> There doesn't seem to be a specific place to report security
> problems to, and the tracker on Savannah
> (https://savannah.nongnu.org/bugs/?func=additem&group=freetype)
> doesn't have a way (that I can see) to make an issue
> private/confidential.
Indeed. Savannah guys, how should this be managed correctly? In case
there isn't a proper infrastructure it should be added IMHO as soon as
possible.
Werner