Re: [ft-devel] Procedure for reporting a possible security vulnerability

freetype-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [ft-devel] Procedure for reporting a possible security vulnerability

From:	Werner LEMBERG
Subject:	Re: [ft-devel] Procedure for reporting a possible security vulnerability
Date:	Sat, 20 Mar 2010 07:42:48 +0100 (CET)

> I have received a report of a possible security vulnerability
> that I need to pass on to the freetype developers for investigation.

Please report it to me privately.

> There doesn't seem to be a specific place to report security
> problems to, and the tracker on Savannah
> (https://savannah.nongnu.org/bugs/?func=additem&group=freetype)
> doesn't have a way (that I can see) to make an issue
> private/confidential.

Indeed.  Savannah guys, how should this be managed correctly?  In case
there isn't a proper infrastructure it should be added IMHO as soon as
possible.


    Werner

[Prev in Thread]

Current Thread

[Next in Thread]

[ft-devel] Procedure for reporting a possible security vulnerability, Reed Loden, 2010/03/19
- Re: [ft-devel] Procedure for reporting a possible security vulnerability, Werner LEMBERG <=
  - Re: [Savannah-help-public] Re: [ft-devel] Procedure for reporting a possible security vulnerability, Sylvain Beucler, 2010/03/20
    - Re: [Savannah-help-public] Re: [ft-devel] Procedure for reporting a possible security vulnerability, Werner LEMBERG, 2010/03/20

Prev by Date: Re: [ft-devel] inconsistently dropping sub-pixel features
Next by Date: Re: [ft-devel] inconsistently dropping sub-pixel features
Previous by thread: [ft-devel] Procedure for reporting a possible security vulnerability
Next by thread: Re: [Savannah-help-public] Re: [ft-devel] Procedure for reporting a possible security vulnerability
Index(es):
- Date
- Thread