content icon indicating copy to clipboard operation
content copied to clipboard

Published 20 hours ago verified publisher icon ComplianceAsCode

Private Vulnerability Disclosure not Enabled

Open fproulx-boostsecurity opened this issue 6 months ago • 5 comments

Description of problem:

We have vulnerability disclosure and we would like to use GitHub's private vulnerability disclosure feature, can you please enable it on the repo ? Or otherwise please specify which method you wish to use for disclosure.

fproulx-boostsecurity avatar May 13 '25 19:05 fproulx-boostsecurity

Please email [email protected]. More information (including PGP keys) can be found here.

It might help if you mention that this repo is the upstream source for scap-security-guide package in your report.

Mab879 avatar May 13 '25 20:05 Mab879

@Mab879 sent email to [email protected] just now.

fproulx-boostsecurity avatar May 20 '25 20:05 fproulx-boostsecurity

@Mab879 this has been sent, but we are not getting much response.

fproulx-boostsecurity avatar Jun 03 '25 14:06 fproulx-boostsecurity

I'm not sure were the report is officially, but a fix should be coming this week.

Mab879 avatar Jun 03 '25 16:06 Mab879

Thanks for the update @Mab879

fproulx-boostsecurity avatar Jun 04 '25 15:06 fproulx-boostsecurity