[LRUG] Keeping track of new security vulnerabilities?
Joel Chippindale
joel.chippindale at gmail.com
Sun Dec 29 00:01:57 PST 2013
I've opened an issue on rubygems guides suggesting that the guides include
information about what to do if you find or fix a security problem with a
gem, see https://github.com/rubygems/guides/issues/62
Do please comment on the issue if you have views on this,
J.
On 26 September 2013 08:19, Joel Chippindale <joel.chippindale at gmail.com>wrote:
>
> On 20 September 2013 10:11, Frederick Cheung <frederick.cheung at gmail.com>
>
>>
>> To turn this problem on its head, people who maintain gems: where would
>> you submit the info that a gem has been updated with a security release?
>> More than a few times I've found out about problems in smaller gems
>> through twitter - hardly ideal!
>>
>
> On the assumption that no one replied to Fred because no one knew what the
> *best* way to do this was - does anyone who has tried to report a
> vulnerability want to share their experiences (good or bad)?
>
> J.
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.lrug.org/pipermail/chat-lrug.org/attachments/20131229/044a3909/attachment-0003.html>
More information about the Chat
mailing list