Vulnerability Disclosure Process?

Started by Boo, April 09, 2020, 02:55:18 PM

Previous topic - Next topic
Print
Go Down Pages1
User actions
April 09, 2020, 02:55:18 PM Last Edit: April 09, 2020, 02:58:27 PM by Boo
Hi,

I'm new to Opnsense so don't know what your processes are, I've stumbled upon a way to get a root shell without a login. Is there a process that isn't the public forum to disclose a vulnerability?

Thanks
April 09, 2020, 03:16:16 PM #1
Hi,

Either unencrypted via project@opnsense.org or encrypted via security@opnsense.org (key should be on the cool GPG keyservers).


Cheers,
Franco
Print
Go Up Pages1
User actions