Re: [exim-dev] tls_sni = $host in default configuration file

Pàgina inicial
Delete this message
Reply to this message
Autor: Richard James Salts
Data:  
A: exim-dev
Assumpte: Re: [exim-dev] tls_sni = $host in default configuration file
On Friday, 4 January 2019 2:02:20 AM AEDT Florian Zumbiehl via Exim-dev wrote:
> Hi,
>
> > For the record, if you have a sensitive security issue, please mail
> >
> >     security@???

>
> well, that's good to know, I guess, but may I suggest you put that on the
> website somewhere?


It probably would be useful to include it on the website, but if you attempt
to submit a bug it does have a disclaimer at the top: "If you have a sensitive
security issue, please mail security@???" although it doesn't have
instructions on how to encrypt with the maintainer's public keys.

> Just put a text file in
> https://www.exim.org/static/doc/security/ or something, that's linked as
> "security" from the start page, so that should be easy enough to discover.
>
> Even knowing the address, the only thing I can find on the web containing
> that address are some files in /.github/ in the repo, hosted on github, so
> that's kinda impossible to find.
>
> Adding a file in the root of the repo might also be a good idea ...
>
> Regards, Florian