> On 04/01/2019 01:02, Florian Zumbiehl via Exim-dev wrote:
> >  may I suggest you put that on the
> > website somewhere?
> It was already there, at https://bugs.exim.org/enter_bug.cgi

That page only tells me that "Bugzilla needs a legitimate login and
password to continue.". Clicking around on that page, I now found that the
security report address is mentioned on
https://bugs.exim.org/describecomponents.cgi, which is linked as "Browse"
in the header and footer of the bug tracker page. Which is pretty
counterintuitive: When looking for a way to report a vulnerability that
maybe shouldn't be published for the time being, I probably won't be
browsing the public bugs.

And in any case, what I can say is that as a matter of fact I didn't find
it when I needed it, even if you think that I should have.

Regards, Florian

## List details at https://lists.exim.org/mailman/listinfo/exim-dev Exim 
details at http://www.exim.org/ ##

Reply via email to