tomaswolf commented on PR #250: URL: https://github.com/apache/mina-sshd/pull/250#issuecomment-1272498780
> disclosure via email is unfortunately somewhat impractical. This is not responsible behavior :-( as could be expected from any serious security researcher. Even if it takes effort perhaps it would be worth setting up the necessary infrastructure. If you can mass-generate PRs, there is surely also a way to auto-generate security notices via e-mail instead, without causing undue burden for human operators. Closing this: it's not a security vulnerability, and I won't change working and correct code for the sake of it with a commit message claiming it was a security vulnerability fix. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@mina.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@mina.apache.org For additional commands, e-mail: dev-h...@mina.apache.org
