Hello all,
as you might be aware, the Gentoo Security Team encourages users to
report security vulnerabilities or findings of code audits that are not
yet public in our Bugzilla under the 'Gentoo Security' component.
However, as we learned earlier, it was not possible for users to
restrict access to such security bugs, which would lead to a public
disclosure of all details. This issue is now corrected, as an
over-careful restriction in our template was lifted. I'd like to thank
Robin H. Johnson for promptly investigating and resolving the issue!
You can find details on how to report confidential bugs in section 3 on
this site: http://www.gentoo.org/security/en/
Regards,
Robert
as you might be aware, the Gentoo Security Team encourages users to
report security vulnerabilities or findings of code audits that are not
yet public in our Bugzilla under the 'Gentoo Security' component.
However, as we learned earlier, it was not possible for users to
restrict access to such security bugs, which would lead to a public
disclosure of all details. This issue is now corrected, as an
over-careful restriction in our template was lifted. I'd like to thank
Robin H. Johnson for promptly investigating and resolving the issue!
You can find details on how to report confidential bugs in section 3 on
this site: http://www.gentoo.org/security/en/
Regards,
Robert
Attached Files:
-
signature.asc (0.82 KB)