One of the many benefits of open source software is that security vulnerabilities can be caught faster with more eyes on the software. However, reporting a security vulnerability publicly might not be the best solution.
If you want to report a security issue to the Ojos Project Developers team, please email us at [email protected].
To ensure we get the most out of your initial report, please:
- Prepend
IRIS SECURITY REPORT:to the subject line - Provide a background of the vulnerability, if possible
- Write a detailed explanation of the vulnerability
- Include resources, articles, or anything that may help us fix this faster
We get to work!
We may also email you back asking for more information and/or help as we patch the issue.
Once the issue is patched, we will make an announcement. We will also acknowledge your involvement in the process if you so wish.