Hey, On Sat, Mar 20, 2010 at 07:42:48AM +0100, Werner LEMBERG wrote: > > > I have received a report of a possible security vulnerability > > that I need to pass on to the freetype developers for investigation. > > Please report it to me privately. > > > There doesn't seem to be a specific place to report security > > problems to, and the tracker on Savannah > > (https://savannah.nongnu.org/bugs/?func=additem&group=freetype) > > doesn't have a way (that I can see) to make an issue > > private/confidential. > > Indeed. Savannah guys, how should this be managed correctly? In case > there isn't a proper infrastructure it should be added IMHO as soon as > possible.
You'll want to add the 'Privacy' field to your tracker. I believe your team trimmed it to the minimum ;) https://savannah.nongnu.org/bugs/admin/field_usage.php?group=freetype -- Sylvain
