|
|
|
|
|
|
by RichiH
1655 days ago
|
|
|
I talked to Jordy about it. It was his first CVSS HIGH vulnerability and he was super happy & excited about it. While we would have preferred if things went differently, it was an honest mistake. On balance, I still prefer if someone approaches us with good intentions and messes up a bit over someone simply dumping a 0day into the wild or into private circles. And this way, we at least had a tested patch in hand already and knew that Grafana Cloud was not affected. And as per https://news.ycombinator.com/item?id=29495431 ... we all make mistakes. |
|
|