Hello,
about 2 months ago I wrote already to this mailing list, mentioning that
the vulnerability reporting workflow is not ideal:
https://lists.apache.org/thread/zo1mlsfx79ylhzj8h9ojohbghp9lx24s
Back then Arnout Engelen responded and asked whether I could provide a
potential fix for the vuln
(dropping security@c.a.o to avoid cross-posting between private and public
lists)
On Sat, Jul 15, 2023 at 6:26 PM
wrote:
> as suggested in the comments on
> https://issues.apache.org/jira/browse/IMAGING-354 I am now raising this
> issue here instead.
>
Thanks for sharing your experience!
> In
