Text only | Text with Images

OPNsense Forum

Archive => 20.1 Legacy Series => Topic started by: Boo on April 09, 2020, 02:55:18 PM

Title: Vulnerability Disclosure Process?
Post by: Boo on April 09, 2020, 02:55:18 PM
Hi,

I'm new to Opnsense so don't know what your processes are, I've stumbled upon a way to get a root shell without a login. Is there a process that isn't the public forum to disclose a vulnerability?

Thanks
Title: Re: Vulnerability Disclosure Process?
Post by: franco on April 09, 2020, 03:16:16 PM
Hi,

Either unencrypted via project@opnsense.org or encrypted via security@opnsense.org (key should be on the cool GPG keyservers).


Cheers,
Franco
Text only | Text with Images