[prev in list] [next in list] [prev in thread] [next in thread] 

List:       git
Subject:    Re: Where to report security vulnerabilities in git?
From:       Sitaram Chamarty <sitaramc () gmail ! com>
Date:       2015-08-24 4:25:22
Message-ID: 55DA99E2.7090707 () gmail ! com
[Download RAW message or body]

On 08/22/2015 04:25 AM, Guido Vranken wrote:
> List,
>=20
> I would like to report security vulnerabilities in git. Due to the
> sensitive nature of security-impacting bugs I would like to know if
> there's a dedicated e-mail address for this, so that the issues at
> play can be patched prior to a coordinated public disclosure of the
> germane exploitation details. I did find an older thread in the
> archive addressing this question (
> http://thread.gmane.org/gmane.comp.version-control.git/260328/ ), but
> because I'm unsure if those e-mail addresses are still relevant, I'm
> asking again.

If it has anything to do with remote access (via ssh or http) please
copy me also.  I wrote/write/maintain gitolite, which is a reasonably
successful access control system for git servers.

regards
sitaram



["signature.asc" (application/pgp-signature)]
--
To unsubscribe from this list: send the line "unsubscribe git" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

[prev in list] [next in list] [prev in thread] [next in thread]