Reporting security vulnerability
Adam Dinwoodie
adam@dinwoodie.org
Thu Feb 25 10:18:16 GMT 2021
On Thu, 25 Feb 2021 at 10:12, Evyatar Gerzi via Cygwin wrote:
> Hello,
>
> I saw that you have a mailing list for bug reporting but the bug that I
> found is a security vulnerability, to whom I need to report it?
> I don't know if it is good that it will be "read by many people", but it's
> your call.
Hi Evyatar,
Can you narrow down where the security vulnerability is? Different
parts of Cygwin have different maintainers – each package has its own
maintainer, as well as separate ownership of the core Cygwin DLL and
things like the Cygwin website – and I expect different maintainers
might prefer different approaches.
Adam
More information about the Cygwin
mailing list