zsh-workers
 help / color / mirror / code / Atom feed
From: "Daniel Shahaf" <d.s@daniel.shahaf.name>
To: reportyigit46@protonmail.com, gi1242+zsh@gmail.com
Cc: zsh-workers@zsh.org
Subject: Re: Security
Date: Fri, 25 Dec 2020 16:06:52 +0000	[thread overview]
Message-ID: <a5f44f89-bec5-487d-aee3-8c4eb4f521fa@www.fastmail.com> (raw)
In-Reply-To: <Uzy4-LW1s3eKrllB-zw35G-ORZsJNQl6uPzDhishTuzE-QC_Hir0nOOi00r5bRdlm-N9GbNJL9gGifBuXxQt8QKlz7yATk4Ah4bxVqOjQKM=@protonmail.com>

Sorry for the delay.  It sounds like you emailed _only_ Oliver, so he
might simply be on holiday.  In any case, to avoid a single point of
failure, please email the details to zsh-infra@zsh.org.  Thanks!

Note to -workers@: Folks who have dealt with previous security issues
(or are otherwise trusted) and aren't already on -infra@ are welcome to
join. Just send a subscription request the usual way.  (And yes,
a separate -security@ list might be a good idea, or at least an alias.)

Cheers,

Daniel

reportyigit46 wrote on Wed, 23 Dec 2020 18:50 +00:00:
> Hello,
> Thank you for contacting me. I was sent issue details. But i can't get answer
> 
> Thank you,
> 
> 
> Sent with ProtonMail Secure Email.
> 
> ‐‐‐‐‐‐‐ Original Message ‐‐‐‐‐‐‐
> On Wednesday, 23 December 2020 20:18, <gi1242+zsh@gmail.com> wrote:
> 
> > On Wed, Dec 23, 2020 at 05:53:26AM +0000, reportyigit46 wrote:
> >
> > > I can’t get answer from Oliver. Which one can give me answer?
> >
> > Just FYI -- if you email the devs and tell them the security issue, I'm
> > sure they will handle it and respond. (They are responsive to
> > inconsequential things like color changes; they will certainly respond
> > to security issues.)
> >
> > However, if you email them only saying "I have a security issue", they
> > will likely ignore your message thinking it's spam. I do get one such
> > email every day telling me my account has been suspended and I need to
> > respond "urgently". I usually delete such emails, unless it is coming
> > from an official 100% real Nigerian prince...
> >
> > GI
> >
> > ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
> >
> > Wife: "Go to the store and buy a loaf of bread. If they have eggs, buy a
> > dozen."
> > The programmer husband returns with 12 loaves of bread.
> 
> 
> 
>


  reply	other threads:[~2020-12-25 16:07 UTC|newest]

Thread overview: 14+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2020-12-20 13:13 Security reportyigit46
2020-12-20 13:46 ` Security Jérémie Roquet
2020-12-23  5:53   ` Security reportyigit46
2020-12-23 17:17     ` Security Peter Stephenson
2020-12-23 17:18     ` Security gi1242+zsh
2020-12-23 18:50       ` Security reportyigit46
2020-12-25 16:06         ` Daniel Shahaf [this message]
2020-12-27 21:48           ` Security Phil Pennock
2020-12-27 22:40             ` Security Jérémie Roquet
2020-12-27 23:37               ` Security Phil Pennock
2020-12-28  0:11                 ` Security Jérémie Roquet
2020-12-28 10:46                   ` Security Daniel Shahaf
2020-12-28 11:08                     ` Security Jérémie Roquet
2020-12-28 10:50             ` Security Daniel Shahaf

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=a5f44f89-bec5-487d-aee3-8c4eb4f521fa@www.fastmail.com \
    --to=d.s@daniel.shahaf.name \
    --cc=gi1242+zsh@gmail.com \
    --cc=reportyigit46@protonmail.com \
    --cc=zsh-workers@zsh.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
Code repositories for project(s) associated with this public inbox

	https://git.vuxu.org/mirror/zsh/

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).