Lucas Holt <[email protected]> writes: > At a minimum, if you're going to go public, use your AI to include a > possible patch too. Don't just drop work on a random person because you > got to find it first. That's not cool.
Need to be careful here; simple patches that look good can in fact be hiding serious security issues. Thinking of the September 2006 Debian openssl issue here. https://research.swtch.com/openssl -- Brian May @ Linux Penguins
