> I have received a report of a possible security vulnerability > that I need to pass on to the freetype developers for investigation.
Please report it to me privately. > There doesn't seem to be a specific place to report security > problems to, and the tracker on Savannah > (https://savannah.nongnu.org/bugs/?func=additem&group=freetype) > doesn't have a way (that I can see) to make an issue > private/confidential. Indeed. Savannah guys, how should this be managed correctly? In case there isn't a proper infrastructure it should be added IMHO as soon as possible. Werner
