Security patches and gpg 1/2 development
Daniel Kahn Gillmor
dkg at fifthhorseman.net
Wed Nov 26 19:59:51 CET 2014
On 11/26/2014 10:59 AM, Anish Athalye wrote:
> What is the right place to send patches for and discuss security issues in gpg? The gpg-devel mailing list? Or directly to some particular person?
patches should go to gnupg-devel at gnupg.org, or to a bug report if you
file one here:
Hopefully Werner can weigh in on what to do if you have a sensitive
security issue that you want to embargo (this should probably also be
added somewhere prominent on https://www.gnupg.org/)
> Also, are there two different repositories for gpg 1/2 development? How exactly is that organized?
they're all branches in one repository:
git clone git://git.gnupg.org/gnupg.git
and take a look at:
git branch -a
You might also be interested in some of the info here: http://git.gnupg.org/
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 949 bytes
Desc: OpenPGP digital signature
More information about the Gnupg-users