On 12/21/09 12:15 PM, EricLaw wrote: > Thanks for confirming, all! > > Is there somewhere "official" that extensions that do this should be > reported? > > thanks, > Eric
[email protected] functions as an overall contact address for any security concern related to the Mozilla project. If it's not in code we're directly responsible for we will track down and work with the authors. If the addon is hosted at Addons.mozilla.org you could also mail amo-admins at mozilla.org in addition, or if you prefer you could also file a bug at https://bugzilla.mozilla.org in the Product "addons.mozilla.org" and Component "Add-on Security", but be sure to check the "This is a security problem" checkbox so it sets off the alarm bells. If the add-on was not hosted on AMO then just mail the general security address and we'll figure it out. _______________________________________________ dev-security mailing list [email protected] https://lists.mozilla.org/listinfo/dev-security
