Hello, Many projects have some private mail list or some other policies for reporting issues with possible security implications. I mean some bugs that the reporter cannot qualify for sure as a "safe to publicly disclose" (still, they can turn out to be not security-related after review). BlueZ, on the other hand, has a policy of "never write to them [developers] directly" and no easily grep-able guidelines on reporting possibly security-related issues. So, what is the preferred way for reporting such things? Best regards Anatoly
