top | item 44821806

(no title)

satoqz | 6 months ago

OpenBao maintainer here - The majority of these does affect us, more or less. Unfortunately it seems that we did not receive any prior outreach regarding these vulnerabilities before publication... make of that what you will. We've been hard at work the past days trying to get a security release out, which will likely land today.

discuss

Scandiravian|6 months ago

Thanks for the great work and swift communication

I'm very disappointed to hear that the researchers did not disclose these findings to the OpenBao project before publishing them, so you now have to rush a release like this

Will you reach out to the researchers for an explanation after you've fixed the issues?

wafflemaker|6 months ago

I can explain* researchers (and myself, though have nothing to do with it): We both learned about OpenBao today.

explanation ≠ excuse