It does not @pmatilai, but many people are uncomfortable with situations where
reporting a bug via the proper channels (public GitHub issue) means publicizing
a 0day vulnerability in their own product. They would prefer if security
problems in their product caused by upstream bugs were considered security
vulnerabilities in the upstream code, so that they could be handled via the
private channels used for such things (secal...@redhat.com in this case).
--
Reply to this email directly or view it on GitHub:
https://github.com/rpm-software-management/rpm/discussions/2211#discussioncomment-7511960
You are receiving this because you are subscribed to this thread.
Message ID:
<rpm-software-management/rpm/repo-discussions/2211/comments/7511...@github.com>
_______________________________________________
Rpm-maint mailing list
Rpm-maint@lists.rpm.org
http://lists.rpm.org/mailman/listinfo/rpm-maint
