You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@maven.apache.org by GitBox <gi...@apache.org> on 2022/11/19 21:13:05 UTC

[GitHub] [maven-verifier] JLLeitschuh commented on pull request #62: [SECURITY] Fix Temporary File Information Disclosure Vulnerability

JLLeitschuh commented on PR #62:
URL: https://github.com/apache/maven-verifier/pull/62#issuecomment-1320970494

   Hi @slawekjaranowski,
   
   I know about the ASF disclosure process. But I'm attempting to resolve this vulnerability at-scale by automatically generating north of 1k pull requests across the OSS ecosystem. At this scale, it's somewhat impractical to disclose manually to every project.
   
   I have used the ASF disclosure process, and will use it again in the future, but when working at this scale, it's unfortunately impractical.


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: issues-unsubscribe@maven.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org