colmap / pycolmap

Python bindings for COLMAP
BSD 3-Clause "New" or "Revised" License
899 stars 129 forks

Security Address #191

Open SCH227 opened 11 months ago

SCH227 commented 11 months ago

Hello!

I may have found a security issue in the latest version of pycolmap. Following responsible disclosure, is there an email or other private channel where I could share the details? Thank you.

sarlinpe commented 11 months ago

You can find my email on my website or in the git logs of this repo.

SCH227 commented 11 months ago

Your email on your personal website is the Security Channel of the pycolmap project? I recommend adding a SECURITY.md file in your repo so reporters have clear instructions on how to handle disclosures.

sarlinpe commented 11 months ago

We've never faced this before so, no, we don't have a proper process - but we'll consider adding one, thank you. In the meantime our inbox is open: https://github.com/colmap/pycolmap/blob/03f610f17924cf44a50a02222fe402095cb20571/pyproject.toml#L12-L14 (update to email addresses in a pending PR)

SCH227 commented 11 months ago

Emailed. Thank you for your awesome project!