We have a security advisory for crates.io. Please read:https://users.rust-lang.org/t/security-advisory-for-crates-io-2016-08-15/6907 …
and usually, contacting the project in an encrypted fashion so they have a chance to fix it *is* the most responsible
-
-
Idk, I've seen the term "responsible disclosure" used for both (disclosing to vendor and to world)
-
(disclosing to world in event the vendor doesn't fix )
- 3 more replies
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.