Improving our security
Ethan Blanton
elb at pidgin.im
Thu Sep 3 15:10:22 EDT 2009
Hi,
If you're reading this, it means that you've been added to
security at pidgin.im. The intent is that this list will be our primary
point of contact for security vulnerabilities and disclosures from
third parties. http://pidgin.im/security/ explains this, and our hope
is that individuals or organizations who have discovered security
flaws in Pidgin, libpurple, finch, or other related projects will
notify us by way of this list.
All information on this list is considered privileged information --
please do not disclose it unless necessary. The idea is that every
vulnerability will be made public when a fix is available and
packagers can be notified, but until that time, we wish to keep
vulnerabilities under wraps. This is pretty standard, and something
you are probably already aware of.
This list allows post from non-members, and is NOT spam filtered.
This increases the probability that legitimate posts will actually be
received by someone. (It is unlikely that all of our individual spam
filters will collectively can a legitimate email.) If you do not wish
to be subscribed to a list with this policy, or wish to have your
subscription address changed, please contact me and I will correct
this.
Thanks for reading,
Ethan
--
The laws that forbid the carrying of arms are laws [that have no remedy
for evils]. They disarm only those who are neither inclined nor
determined to commit crimes.
-- Cesare Beccaria, "On Crimes and Punishments", 1764
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 481 bytes
Desc: Digital signature
URL: <http://one.pidgin.im/cgi-bin/mailman/private/security/attachments/20090903/e0068a97/attachment.pgp>
More information about the security
mailing list