The addresses are still valid. (I think there was a plan to introduce a git-security@... but I am not sure if that happened.) > Current practice is to contact Junio C Hamano <gitster <at> pobox.com>. > Cc-ing Jeff King <peff <at> peff.net> isn't a bad idea while at it. Just go for that. On Fri, Aug 21, 2015 at 3:55 PM, Guido Vranken <guidovranken@xxxxxxxxx> wrote: > List, > > I would like to report security vulnerabilities in git. Due to the > sensitive nature of security-impacting bugs I would like to know if > there's a dedicated e-mail address for this, so that the issues at > play can be patched prior to a coordinated public disclosure of the > germane exploitation details. I did find an older thread in the > archive addressing this question ( > http://thread.gmane.org/gmane.comp.version-control.git/260328/ ), but > because I'm unsure if those e-mail addresses are still relevant, I'm > asking again. > > Thanks. > > Guido > -- > To unsubscribe from this list: send the line "unsubscribe git" in > the body of a message to majordomo@xxxxxxxxxxxxxxx > More majordomo info at http://vger.kernel.org/majordomo-info.html -- To unsubscribe from this list: send the line "unsubscribe git" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html