You are viewing a plain text version of this content. The canonical link for it is here.

Posted to users@cocoon.apache.org by Joachim Ring <jr...@web.de> on 2004/08/17 00:23:47 UTC

Procedure to Report Vulnerabilities in Cocoon

Greetings,

what is the established procedure to report a security flaw in cocoon
without disclosing it to the general public?

A co-worker has brought a problem in cocoon to my attention which seems
to be present in versions up to 2.1.5 which i think is latest & greatest.

Thanks in advance for your troubles,

Joachim

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@cocoon.apache.org
For additional commands, e-mail: users-help@cocoon.apache.org

Re: Procedure to Report Vulnerabilities in Cocoon

Posted by Steven Noels <st...@outerthought.org>.

On 17 Aug 2004, at 00:23, Joachim Ring wrote:

> Greetings,
>
> what is the established procedure to report a security flaw in cocoon
> without disclosing it to the general public?
>
> A co-worker has brought a problem in cocoon to my attention which seems
> to be present in versions up to 2.1.5 which i think is latest & 
> greatest.

It is. Please send a description of the flaw to pmc@cocoon.apache.org - 
and thanks for your effort!

Cheers,

</Steven>
-- 
Steven Noels                            http://outerthought.org/
Outerthought - Open Source Java & XML            An Orixo Member
Read my weblog at            http://blogs.cocoondev.org/stevenn/
stevenn at outerthought.org                stevenn at apache.org


---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@cocoon.apache.org
For additional commands, e-mail: users-help@cocoon.apache.org