Dear Geode Developers, As you know, the Apache Software Foundation really cares about our users' security, and protects them by defining sensible release and security processes. These indirectly also protect our committers, shielding individuals from personal liability. We also have security committee assist PMCs with triage and followup. Some of this process is necessarily done in private; as we practice responsible disclosure.
We are seeing potential security issues are reported privately to the Geode PMC, but the PMC currently does not have the bandwidth to triage (and, if necessary, fix and disclose) them. On behalf of the PMC: would anyone be interested in helping out here? If so, please contact priv...@geode.apache.org with secur...@apache.org in Cc. Kind regards, The ASF Security Team