Re: [Geoserver-devel] Proposal [GSIP 220] - Revised Security Policy and CVE handling

Thanks, the GSIP has been revised with "volunteer", "researcher", "National CVE Numbering Authority" and the exchanges separated for clarity. -- Jody Garnett On Sep 15, 2023 at 11:54:19 AM, Torben Barsballe wrote: > +1 > > The Feedback section read as a little confusing (probably because the

[Geoserver-devel] Reporting back on CVE-2023-35042 "update" via GitHub database

Follow up to this week's meeting. As research for GSIP-220 I have made second attempt to update CVE-2023-35042 via a pull request to GitHub advisory database. As part of the pull-request review the following were updated: CVE-2023-35042