Security patches and gpg 1/2 development
Daniel Kahn Gillmor
dkg at fifthhorseman.net
Wed Nov 26 19:59:51 CET 2014
On 11/26/2014 10:59 AM, Anish Athalye wrote:
> What is the right place to send patches for and discuss security issues in gpg? The gpg-devel mailing list? Or directly to some particular person?
patches should go to gnupg-devel at gnupg.org, or to a bug report if you
file one here:
https://bugs.g10code.com/gnupg/index
Hopefully Werner can weigh in on what to do if you have a sensitive
security issue that you want to embargo (this should probably also be
added somewhere prominent on https://www.gnupg.org/)
> Also, are there two different repositories for gpg 1/2 development? How exactly is that organized?
they're all branches in one repository:
git clone git://git.gnupg.org/gnupg.git
and take a look at:
git branch -a
You might also be interested in some of the info here: http://git.gnupg.org/
Regards,
--dkg
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 949 bytes
Desc: OpenPGP digital signature
URL: </pipermail/attachments/20141126/537e84c8/attachment.sig>
More information about the Gnupg-users
mailing list