Home
Help
Search
Login
Register
OPNsense Forum
»
Archive
»
20.7 Legacy Series
»
Reporting security vulnerabilities
« previous
next »
Print
Pages: [
1
]
Author
Topic: Reporting security vulnerabilities (Read 2032 times)
anomaly0617
Jr. Member
Posts: 50
Karma: 0
Reporting security vulnerabilities
«
on:
November 17, 2020, 04:34:12 pm »
Hypothetically, let's say we find a security vulnerability in OPNSense that we want to (privately!) bring to the attention of developers to get it resolved quickly and quietly. Who should we send this data to, and how should we send it?
Thanks!
-Anomaly0617
Logged
franco
Administrator
Hero Member
Posts: 17665
Karma: 1611
Re: Reporting security vulnerabilities
«
Reply #1 on:
November 17, 2020, 04:37:19 pm »
Hi there,
Drop us a line at security@opnsense.org -- a PGP key is available if required.
Cheers,
Franco
Logged
anomaly0617
Jr. Member
Posts: 50
Karma: 0
Re: Reporting security vulnerabilities
«
Reply #2 on:
November 17, 2020, 04:55:11 pm »
Hi Franco,
A PGP key would be appreciated. Thanks!
Logged
anomaly0617
Jr. Member
Posts: 50
Karma: 0
Re: Reporting security vulnerabilities
«
Reply #3 on:
November 17, 2020, 05:35:27 pm »
Found the GPG key, encrypted it and sent it to you for review.
Thanks, Franco!
Logged
Print
Pages: [
1
]
« previous
next »
OPNsense Forum
»
Archive
»
20.7 Legacy Series
»
Reporting security vulnerabilities