[arch-security] How to properly report vulnerabilities

Billy McCann thebillywayne at gmail.com
Sun Jul 6 12:30:06 EDT 2014


Also, recall Alan's instructions.  Do not post private bugs to the ML,
as the ML itself is open, IIRC.  Use the email that Alan provided.

||If you have a private bug to report, then use security at archlinux.org.
--
Billy Wayne McCann, Ph.D.
irc://irc.freenode.net:bwayne
"A rich man will always desire what his wealth cannot acquire." ~ Faust (Goethe)



On Sun, Jul 6, 2014 at 10:52 AM, Billy McCann <thebillywayne at gmail.com> wrote:
> ||  Should I add a warning to the wiki not to report private bugs to the
> ||  bug tracker but to the ML?
>
> I would encourage you to.  It need not be listed as a"warning."  A
> special section added to the Procedure section, in my opinion, would
> be sufficient.
>
> Thanks for your efforts, Karol
>
> BW
>
> --
> Billy Wayne McCann, Ph.D.
> irc://irc.freenode.net:bwayne
> "A rich man will always desire what his wealth cannot acquire." ~ Faust (Goethe)


More information about the arch-security mailing list