On Thu, 2023-10-05 at 19:01 +0200, Tomasz Torcz wrote:
> On Thu, Oct 05, 2023 at 11:23:35AM -0400, Stephen Smoogen wrote:
> > On Sat, 30 Sept 2023 at 05:13, Marius Schwarz
> > wrote:
> >
> > >
> > > Hi,
> > >
> > > this is emerg ping for the security team, to take a look at this bz :
> > >
> >
On Thu, Oct 05, 2023 at 11:23:35AM -0400, Stephen Smoogen wrote:
> On Sat, 30 Sept 2023 at 05:13, Marius Schwarz
> wrote:
>
> >
> > Hi,
> >
> > this is emerg ping for the security team, to take a look at this bz :
> >
> > https://bugzilla.redhat.com/show_bug.cgi?id=2241470
> >
> > The deadline fo
On Sat, 30 Sept 2023 at 05:13, Marius Schwarz
wrote:
>
> Hi,
>
> this is emerg ping for the security team, to take a look at this bz :
>
> https://bugzilla.redhat.com/show_bug.cgi?id=2241470
>
> excuse me, for bringing this to the list, as a security bz is the way to
> go, but time is running fas
Hi Marius,,
I'd also point out that if you want to inform the security team about something, you
should inform directly – and it seems you've done that, by properly labeling that issue
(which I can't read at all) as sensitive. As the others pointed out, there's nothing that
can be done publicl
As far as the "Fedora Security Team" we dont know anything that's not
public either. RH's security team has access to the embargoed stuff and I
assume that they handle it privately with the package maintainer and prep
the patch themselves. I say assume because I have zero visibility into what
they
On Sat, Sep 30, 2023 at 10:55 AM Kevin Fenzi wrote:
>
> On Sat, Sep 30, 2023 at 11:13:32AM +0200, Marius Schwarz wrote:
> >
> > Hi,
> >
> > this is emerg ping for the security team, to take a look at this bz :
> >
> > https://bugzilla.redhat.com/show_bug.cgi?id=2241470
>
> If this is an embargoed
On Sat, Sep 30, 2023 at 11:13:32AM +0200, Marius Schwarz wrote:
>
> Hi,
>
> this is emerg ping for the security team, to take a look at this bz :
>
> https://bugzilla.redhat.com/show_bug.cgi?id=2241470
If this is an embargoed bug (I can't see it, so no idea if it is, but it
seems likely), pleas
Hi,
this is emerg ping for the security team, to take a look at this bz :
https://bugzilla.redhat.com/show_bug.cgi?id=2241470
excuse me, for bringing this to the list, as a security bz is the way to
go, but time is running fast and the patched release needs to be build
and shipped in 36h hou