Gentoo Archives: gentoo-security

From: Robert Buchholz <rbu@g.o>
To: gentoo-security@l.g.o
Cc: Gentoo Security Team <security@g.o>, "Robin H. Johnson" <robbat2@g.o>
Subject: [gentoo-security] Reporting restricted bugs works again
Date: Wed, 20 Aug 2008 21:38:15
Hello all,

as you might be aware, the Gentoo Security Team encourages users to 
report security vulnerabilities or findings of code audits that are not 
yet public in our Bugzilla under the 'Gentoo Security' component.

However, as we learned earlier, it was not possible for users to 
restrict access to such security bugs, which would lead to a public 
disclosure of all details. This issue is now corrected, as an 
over-careful restriction in our template was lifted. I'd like to thank 
Robin H. Johnson for promptly investigating and resolving the issue!

You can find details on how to report confidential bugs in section 3 on 
this site:



File name MIME type
signature.asc application/pgp-signature