incubator-cassandra-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Ben Bromhead <>
Subject Best avenue for reporting security issues
Date Tue, 17 Dec 2013 23:30:51 GMT
Hi guys

We’ve come across a bug with potential security implications and in the spirit of responsible
disclosure whats the best path for reporting it / submitting patches without making the issue
public until a fixed version of Cassandra is released?

As a follow up I would propose that the Cassandra project should have
mailing address, where sensitive issues can be reported to the core dev team without it being
made public.


Ben Bromhead
Instaclustr | | @instaclustr | +61 415 936 359

  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message