> On 05 Oct 2015, at 00:38, Jason A. Donenfeld <[email protected]> wrote: > > At some point we might want a CVE for this. >
Please, next time you publish such a security issue -- give developers a chance to provide patches, *before* going public. Think of the production servers which run un-patched now. You may want to read about responsible disclosures [1] [1] https://en.wikipedia.org/wiki/Responsible_disclosure -- You received this mail because you are subscribed to [email protected] To unsubscribe, send a mail to: [email protected]
