|
From: | Jon Bright |
Subject: | Re: [Monotone-devel] security issue |
Date: | Thu, 03 Feb 2005 17:05:02 +0100 |
User-agent: | Mozilla Thunderbird 1.0 (Windows/20041206) |
Hi, graydon hoare wrote:
(I don't really know what the protocol is for this, or more serious security notices; presumably at some level of visibility and maturity it'll be the "right" thing to do to file a vulnerability report with various parties.. but is that sort of thing necessary while we're still an alpha project with rapidly changing code? I don't know. any advice?)
I don't know how these things are done for a bigger project, but I suspect that the vast majority of current monotone users either are on this list, or have some representative on this list - and as such, your mail's sufficient. My one suggestion would be that this is one occasion where you might have broken your normal capitalisation trend and gone with "SECURITY" or so :-)
-- Jon Bright Silicon Circus Ltd. http://www.siliconcircus.com
[Prev in Thread] | Current Thread | [Next in Thread] |