OPNsense
  • Home
  • Help
  • Search
  • Login
  • Register

  • OPNsense Forum »
  • Archive »
  • 20.7 Legacy Series »
  • Reporting security vulnerabilities
« previous next »
  • Print
Pages: [1]

Author Topic: Reporting security vulnerabilities  (Read 1308 times)

anomaly0617

  • Newbie
  • *
  • Posts: 34
  • Karma: 0
    • View Profile
Reporting security vulnerabilities
« on: November 17, 2020, 04:34:12 pm »
Hypothetically, let's say we find a security vulnerability in OPNSense that we want to (privately!) bring to the attention of developers to get it resolved quickly and quietly. Who should we send this data to, and how should we send it?

Thanks!
-Anomaly0617
Logged

franco

  • Administrator
  • Hero Member
  • *****
  • Posts: 13988
  • Karma: 1211
    • View Profile
Re: Reporting security vulnerabilities
« Reply #1 on: November 17, 2020, 04:37:19 pm »
Hi there,

Drop us a line at security@opnsense.org -- a PGP key is available if required.


Cheers,
Franco
Logged

anomaly0617

  • Newbie
  • *
  • Posts: 34
  • Karma: 0
    • View Profile
Re: Reporting security vulnerabilities
« Reply #2 on: November 17, 2020, 04:55:11 pm »
Hi Franco,

A PGP key would be appreciated. Thanks!
Logged

anomaly0617

  • Newbie
  • *
  • Posts: 34
  • Karma: 0
    • View Profile
Re: Reporting security vulnerabilities
« Reply #3 on: November 17, 2020, 05:35:27 pm »
Found the GPG key, encrypted it and sent it to you for review.

Thanks, Franco!
Logged

  • Print
Pages: [1]
« previous next »
  • OPNsense Forum »
  • Archive »
  • 20.7 Legacy Series »
  • Reporting security vulnerabilities
 

OPNsense is an OSS project © Deciso B.V. 2015 - 2023 All rights reserved
  • SMF 2.0.19 | SMF © 2021, Simple Machines
    Privacy Policy
    | XHTML | RSS | WAP2