tomaswolf commented on PR #250:
URL: https://github.com/apache/mina-sshd/pull/250#issuecomment-1272498780
> disclosure via email is unfortunately somewhat impractical.
This is not responsible behavior :-( as could be expected from any serious
security researcher. Even if it takes effort perhaps it would be worth setting
up the necessary infrastructure. If you can mass-generate PRs, there is surely
also a way to auto-generate security notices via e-mail instead, without
causing undue burden for human operators.
Closing this: it's not a security vulnerability, and I won't change working
and correct code for the sake of it with a commit message claiming it was a
security vulnerability fix.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: dev-unsubscr...@mina.apache.org
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org
-
To unsubscribe, e-mail: dev-unsubscr...@mina.apache.org
For additional commands, e-mail: dev-h...@mina.apache.org