The gstore team and community take security bugs in this project seriously. We appreciate your efforts to responsibly disclose your findings, and will make every effort to acknowledge your contributions.
If you discover a security vulnerability within gstore, please send an e-mail to Serghei Iakovlev via gnu [at] serghei [dot] pl. All security vulnerabilities will be promptly addressed.
When reporting a security issue, please include the following details:
- Description of the location and potential impact of the vulnerability;
- A detailed description of the steps required to reproduce the vulnerability;
- Information about known mitigations and workarounds;
- A list of affected versions;
- Credit to the security researcher or team reporting the issue.
After the initial reply to your report, the we will keep you informed of the progress being made towards a fix and full announcement, and may ask for additional information or guidance.