Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Fri, 10 Jun 2016 09:23:50 +0200
From: Reed Loden <reed@...dloden.com>
To: Sam Saffron <sam.saffron@...il.com>
Cc: oss-security@...ts.openwall.com
Subject: Re: Ruby gem rack-mini-profiler CVE-2016-4442

On Fri, Jun 10, 2016 at 8:10 AM, Sam Saffron <sam.saffron@...il.com> wrote:

>
> I am not sure how to go about announcing this CVE, where else to I
> need to post this?
>

This is actually somewhat documented, believe it or not!

http://guides.rubygems.org/security/#reporting-security-vulnerabilities

Yay for documentation! Though, boo for it needing to be updated since OSVDB
is gone now. :(

~reed

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ