Hi all, Since Kafka implements a number of security features, we need a procedure for reporting potential security vulnerabilities privately (as per http://www.apache.org/security/). We have added a simple page to the website that describes the procedure (thanks Flavio):
http://kafka.apache.org/project-security.html See https://issues.apache.org/jira/browse/KAFKA-3709 for more background. If you have suggestions on how the page could be improved, pull requests are welcome. :) Ismael
