[
https://issues.apache.org/jira/browse/FINERACT-1042?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=18023429#comment-18023429
]
James Dailey commented on FINERACT-1042:
----------------------------------------
All Apache projects may use security reporting that is centralized
or the PMC specific security email.
This ticket should have not been created without first consulting the Fineract
wiki
Fineract security issues should be reported to security @ fineract Apache org
Closing as resolved.
> Add Information in Readme to report Security vulnerabilities
> -------------------------------------------------------------
>
> Key: FINERACT-1042
> URL: https://issues.apache.org/jira/browse/FINERACT-1042
> Project: Apache Fineract
> Issue Type: Improvement
> Reporter: Manthan Surkar
> Assignee: James Dailey
> Priority: Major
> Labels: technical
>
> Fineract may have a hidden security vulnerability, which cannot be disclosed
> publically by making a Jira issue or mailing on the list (since it may affect
> current users). Should we add a contact email and information on how to
> handle this in the readme? I tried to find if we are already doing this(I
> could not find any).
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
