At this point in time, with exploits in the wild [1], there's no reason to keep this bug as "Private security". Please open the bug, and act transparently, we don't want/need to uselessly keep this one undisclosed, I'd see it as being dishonest to our users.
At this point in time, with exploits in the wild [1], there's no reason to keep this bug as "Private security". Please open the bug, and act transparently, we don't want/need to uselessly keep this one undisclosed, I'd see it as being dishonest to our users.
[1] https:/ /github. com/fjserna/ CVE-2015- 7547