[systemd-devel] systemd vulnerability detection
Amish
anon.amish at gmail.com
Wed Apr 29 03:23:23 UTC 2020
On 29/04/20 1:00 am, Lennart Poettering wrote:
> Please see:
>
> https://systemd.io/SECURITY/
>
> ...
>
> Lennart
On a side note, phrasing on the site needs to be changed.
It almost makes you click "public" link instead of "non-public" e-mail link.
It should be something like this:
----
If you discover a security vulnerability, we’d appreciate a non-public
disclosure. To reach systemd developers in a non-public way, report the
issue to the systemd-security at redhat.com mailing list. The disclosure
will be coordinated with distributions.
Please do not use issue tracker and systemd-devel mailing list, as they
are fully public.
----
(There should be no hyperlink to issue tracker or systemd-devel mailing
list to discourage accidental clicking)
Amish
More information about the systemd-devel
mailing list