Sorry for the late reply. I will handle this.
Thanks
ZhangJian He
On Fri, May 3, 2024 at 9:42 PM Apache Security Team
wrote:
> Dear ServiceComb Developers,
>
> As you know, the Apache Software Foundation takes our users' security
> seriously, and defines sensible release and security processes to make sure
> potential security issues are dealt with responsibly. These indirectly also
> protect our committers, shielding individuals from personal liability. Some
> of this process is necessarily done in private; as we practice responsible
> disclosure.
>
> We are seeing potential security issues are reported privately to the
> ServiceComb PMC, but the PMC currently does not appear to have the
> bandwidth to triage (and, if necessary, fix and disclose) them.
>
> On behalf of the PMC: would anyone be interested in helping out here? If
> so, please contact priv...@servicecomb.apache.org with secur...@apache.org
> in Cc.
>
>
> Kind regards,
>
> The ASF Security Team
>