On 11/8/19 10:08 AM, Tim Rühsen wrote: > Hi, > > what is the preferred way (or policy) to report security related issues > like buffer overflows ? The bug tracker seems to have no 'confidential' > flag. I just don't want to accidentally disclose such an issue. I'd suggest contacting Nick directly. Jeff