incubator-cassandra-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Ben Bromhead <...@instaclustr.com>
Subject Best avenue for reporting security issues
Date Tue, 17 Dec 2013 23:30:51 GMT
Hi guys

We’ve come across a bug with potential security implications and in the spirit of responsible
disclosure whats the best path for reporting it / submitting patches without making the issue
public until a fixed version of Cassandra is released?

As a follow up I would propose that the Cassandra project should have security@cassandra.apache.org
mailing address, where sensitive issues can be reported to the core dev team without it being
made public.

Regards

Ben Bromhead
Instaclustr | www.instaclustr.com | @instaclustr | +61 415 936 359


Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message