++ to everything Jeremy said.
#19 looks good to me.
I prefer to err on the side of caution and since this has been maintained "private" this should be pushed as embargoed.
We should not skip/change the process. It is important to maintain consistency in reporting/disclosing security bugs.
++ to everything Jeremy said.
#19 looks good to me.
I prefer to err on the side of caution and since this has been maintained "private" this should be pushed as embargoed.
We should not skip/change the process. It is important to maintain consistency in reporting/ disclosing security bugs.