Closed dappelt closed 5 years ago
@dappelt Thanks for reaching out!
I have a wire account (@ixephus
), if that meets your requirements for secure/confidential information exchange. If not, let me know if you have any suggestions for alternatives.
Note: Alas, I seldom use the wire account (not many people I chat with regularly on there yet), so dropping a message like this is probably the best way to get me to check it.
Side note: @cactus do you intend to use GitHub's maintainer security advisories for this type of thing? As you can also establish a policy in there too which would help this type of discussion.
@jacobbednarz Interesting. I didn't realize that advisories allowed for private collaboration. I'll definitely look into it!
@jacobbednarz thanks again for the heads up.
Status:
nice one! I've just confirmed I can't see it so you're secrets are safe for now 🙂
created a draft security advisory, and invited @dappelt to collaborate on it.
Perfect, I provided more information on the draft.
Yeah, these look like valid issues. Working on fixes.
Specifications
Version: go-camo 1.1.4 Platform: Any
Behavior
I would like to report a security vulnerability in go-camo. Is there a prefered (and confidentially) way of receiving more details?