[DRE-maint] Do you receive security tracker emails from upstream redmine ?

Soren Stoutner soren at debian.org
Fri Aug 1 23:43:35 BST 2025


On Friday, August 1, 2025 7:19:34 AM Mountain Standard Time Jérémy Lal wrote:
> Hi,
> 
> I still receive these emails from upstream redmine:
> [Security - Defect #43083] Information disclosure in Two-Factor
> Authentication
> 
> but I'm not sure you do receive these, too.
> Also I'm not sure what would be the proper recipient (
> redmine at packages.debian.org ?).

No, redmine at packages.debian.org does not receive these emails, although it 
would probably be a good idea.  It looks like they are disclosed by email 
before they are publicly posted at:

https://www.redmine.org/projects/redmine/wiki/Security_Advisories

-- 
Soren Stoutner
soren at debian.org
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: This is a digitally signed message part.
URL: <http://alioth-lists.debian.net/pipermail/pkg-ruby-extras-maintainers/attachments/20250801/3a40d287/attachment.sig>


More information about the Pkg-ruby-extras-maintainers mailing list