Dann, I'd rather report this through their GitHub's Report a Vulnerability feature https://github.com/tianocore/edk2/security
EDK II enabled this feature for reporting, and it is a better platform for all of us to communicate with them.
I can file a bug noting the discrepancy in their reporting policies, and followup on bugzilla to direct their other devs to the GHSA issue.
Dann, I'd rather report this through their GitHub's Report a Vulnerability feature https:/ /github. com/tianocore/ edk2/security
EDK II enabled this feature for reporting, and it is a better platform for all of us to communicate with them.
I can file a bug noting the discrepancy in their reporting policies, and followup on bugzilla to direct their other devs to the GHSA issue.