Skip to content
New issue

Have a question about this project? # for a free GitHub account to open an issue and contact its maintainers and the community.

#

By clicking “#”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? # to your account

Jump to bottom

Recommend use of github reporting mechanism ? #2

Open
planetf1 opened this issue May 20, 2024 · 1 comment
Open

Recommend use of github reporting mechanism ? #2

planetf1 opened this issue May 20, 2024 · 1 comment

Comments

@planetf1
Copy link

As noted from the 2024-05-14 oqs meeting minutes

Douglas reports that a security issue for oqs-provider has been received by email with a proposed patch; Douglas has looped in Michael. Ry notes that Github has a feature to allow for receiving security issues and that this can be used to create private repositories for dealing with the issue as well as issuing an advisory. If the original reporters re-file using this mechanism, then they can get credit as well as a CVE if desired.

  • This can be in addition to other approaches (including email) but could be enabled on PQCA repositories
@ryjones
Copy link
Member

ryjones commented May 20, 2024

To be clear, this is already enabled on all PQCA orgs and repos.

# for free to join this conversation on GitHub. Already have an account? # to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@ryjones @planetf1