OPNsense Forum
Archive => 20.7 Legacy Series => Topic started by: anomaly0617 on November 17, 2020, 04:34:12 pm
-
Hypothetically, let's say we find a security vulnerability in OPNSense that we want to (privately!) bring to the attention of developers to get it resolved quickly and quietly. Who should we send this data to, and how should we send it?
Thanks!
-Anomaly0617
-
Hi there,
Drop us a line at security@opnsense.org -- a PGP key is available if required.
Cheers,
Franco
-
Hi Franco,
A PGP key would be appreciated. Thanks!
-
Found the GPG key, encrypted it and sent it to you for review.
Thanks, Franco!