On Mon, 6 Jul 2015 08:49:37 +0100 Chris Down <ch...@chrisdown.name> wrote:
Hey Chris, > I'm guessing that's the case, but I'd rather err on the side of caution > before > posting such things to a public list. given how short the reaction time is here, I'd recommend you to send a report to hackers@, which is the general list for development work. There is no special security reporting mechanism as far as I know, and in my opinion, if it's a smaller fix which can be done in less than an hour, there's no reason to plan time ahead. Given all suckless software is simple to a certain degree, any security matter should be fixable in finite time (unlike some GNU projects). Cheers FRIGN -- FRIGN <d...@frign.de>
