incubator-cassandra-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Aleksey Yeschenko <alek...@apache.org>
Subject Re: Best avenue for reporting security issues
Date Tue, 17 Dec 2013 23:35:17 GMT
Hi Ben,

Send it to me, I'll handle it.

Thanks


On Wed, Dec 18, 2013 at 2:30 AM, Ben Bromhead <ben@instaclustr.com> wrote:

> Hi guys
>
> We’ve come across a bug with potential security implications and in the
> spirit of responsible disclosure whats the best path for reporting it /
> submitting patches without making the issue public until a fixed version of
> Cassandra is released?
>
> As a follow up I would propose that the Cassandra project should have
> security@cassandra.apache.org mailing address, where sensitive issues can
> be reported to the core dev team without it being made public.
>
> Regards
>
> Ben Bromhead
> Instaclustr | www.instaclustr.com | @instaclustr | +61 415 936 359
>
>

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message