On 29/04/20 1:00 am, Lennart Poettering wrote:
Please see:
https://systemd.io/SECURITY/
...
Lennart
On a side note, phrasing on the site needs to be changed.
It almost makes you click "public" link instead of "non-public" e-mail link.
It should be something like this:
----
If you discover a security vulnerability, we’d appreciate a non-public
disclosure. To reach systemd developers in a non-public way, report the
issue to the systemd-security@xxxxxxxxxx mailing list. The disclosure
will be coordinated with distributions.
Please do not use issue tracker and systemd-devel mailing list, as they
are fully public.
----
(There should be no hyperlink to issue tracker or systemd-devel mailing
list to discourage accidental clicking)
Amish
_______________________________________________
systemd-devel mailing list
systemd-devel@xxxxxxxxxxxxxxxxxxxxx
https://lists.freedesktop.org/mailman/listinfo/systemd-devel