Hi, In the Geoserver project we have a dedicated, closed, moderated and not archived mailing list for reporting vulnerabilities https://lists.osgeo.org/mailman/listinfo/geoserver-security.
We advice users to use just that mailing list in user documentation http://geoserver.org/comm/ and in the issue tracker https://osgeo-org.atlassian.net/projects/GEOS/summary PSC members are all members on the list and also moderators. Only mails which are accepted by a moderator are sent to recipients. About 80 percent of mails are either spam or unknown people are trying to get accepted to the security list and moderator just deletes those mails. The rest 20% has been good stuff and in many cases absolutely something that we do not want to see on the open mailing lists or in the issue tracker. -Jukka Rahkonen- Sandro Santilli-4 wrote > Sounds like a treasure hunt. How about writing a few words on > https://qgis.org/en/site/getinvolved/development/bugreporting.html ? > Maybe also defining an email alias @qgis.org to receive those > reports.. > > --strk; > _______________________________________________ > QGIS-Developer mailing list > [email protected] > List info: https://lists.osgeo.org/mailman/listinfo/qgis-developer > Unsubscribe: https://lists.osgeo.org/mailman/listinfo/qgis-developer -- Sent from: http://osgeo-org.1560.x6.nabble.com/QGIS-Developer-f4099106.html _______________________________________________ QGIS-Developer mailing list [email protected] List info: https://lists.osgeo.org/mailman/listinfo/qgis-developer Unsubscribe: https://lists.osgeo.org/mailman/listinfo/qgis-developer
