Community
Participate
Working Groups
Hello Eclipse Security Team I just stumbled upon the following Mailing List archive via Google: https://www.eclipse.org/lists/security/threads.html => As you can see this means the (private) Eclipse Security Mailing list is publicly accessible! Firstly, you should make the list archive private again. Secondly and more importantly, this means that all vulnerability reports discussed on this list are publicly accessible and should be considered as publicly known. This messages was also sent to security@eclipse.org, but has not yet shown up in the Archive.
I swear that we set this up without an archive at all. Webmaster, please remove the archive of this mailing list.
The archive has been removed. Good catch. -M.