On 08/22/2015 04:25 AM, Guido Vranken wrote: > List, > > I would like to report security vulnerabilities in git. Due to the > sensitive nature of security-impacting bugs I would like to know if > there's a dedicated e-mail address for this, so that the issues at > play can be patched prior to a coordinated public disclosure of the > germane exploitation details. I did find an older thread in the > archive addressing this question ( > http://thread.gmane.org/gmane.comp.version-control.git/260328/ ), but > because I'm unsure if those e-mail addresses are still relevant, I'm > asking again. If it has anything to do with remote access (via ssh or http) please copy me also. I wrote/write/maintain gitolite, which is a reasonably successful access control system for git servers. regards sitaram
Attachment:
signature.asc
Description: OpenPGP digital signature