[keycloak-dev] Setup 'keycloak-security' mailing list
bruno at abstractj.org
Thu Aug 17 09:56:20 EDT 2017
Go for it! +1 I'd add a very visible section at the website and README
files, about reporting vulnerabilities. Today we have this
http://www.keycloak.org/community.html. But it's not that obvious.
I'd suggest something like https://www.emberjs.com/security/
On Thu, Aug 17, 2017 at 7:22 AM Stian Thorgersen <sthorger at redhat.com>
> We need to have a dedicated place to report and discuss security
> vulnerabilities. This should be a list anyone can send to, but only
> specific people can subscribe to.
> I'd like to create a new mailing list 'keycloak-security' for this purpose
> and have everyone on the team subscribed.
> Thoughts? Suggestions to alternative approaches?
> keycloak-dev mailing list
> keycloak-dev at lists.jboss.org
More information about the keycloak-dev