On Tue, Oct 03, 2006, Andrey Romanov wrote: > Hello here! > > I think, I have found a pretty significant security-related bug in > OpenSSL library. What are the guidelines for reporting them? > Should I post it directly on the mailing list? Or to provide the info to > maintainer first? >
These can be passed to a member of the dev team in the first instance, me for example. Then after any issue has been analysed we'll get back to you. Steve. -- Dr Stephen N. Henson. Email, S/MIME and PGP keys: see homepage OpenSSL project core developer and freelance consultant. Funding needed! Details on homepage. Homepage: http://www.drh-consultancy.demon.co.uk ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List [email protected] Automated List Manager [EMAIL PROTECTED]
