Hi,
maybe it's better to send the details of vulnerables only to the team members
and not to the list. If to detailed information are public it increases the
risk of attacks until a fix is available.
Maybe the team can provide a separate email address for security on the
homepage until a bugtracker exists which allows to mark bugs as
not-public-visible.
Regards,
Marc
_______________________________________________
Owncloud mailing list
[email protected]
https://mail.kde.org/mailman/listinfo/owncloud
