Bug 892

Summary: Submitting a (non-critical) sudo security bug
Product: Sudo Reporter: jvennix
Component: SudoAssignee: Todd C. Miller <Todd.Miller>
Status: RESOLVED FIXED    
Severity: security    
Priority: normal    
Version: 1.8.27   
Hardware: All   
OS: All   

Description jvennix 2019-07-26 11:59:58 MDT 
I'm a little unsure if this is the right way to submit a security bug for sudo (e.g. will this get opened as Private), so I am submitting this without a description and then will update it once I see the ACLs are correctly set. Sorry for the inconvenience :)
Comment 1 jvennix 2019-07-26 12:01:35 MDT 
It appears to be public, glad I checked, oops - how does one submit a private bug to you all? I could not find a mailing list or anything similar.
Comment 2 Todd C. Miller 2019-07-26 12:48:03 MDT 
You can send it via email to sudo-bugs@sudo.ws.  If you are especially paranoid you can pgp encrypt it using https://www.sudo.ws/dist/PGPKEYS but since the mail server on sudo.ws uses TLS when possible pgp is usually not necessary.
Comment 3 jvennix 2019-07-26 12:48:46 MDT 
Ack, thanks Todd! I will send it over shortly.