If you discover a security vulnerability, we'd appreciate a non-public disclosure. systemd developers can be contacted privately on the [email protected] mailing list. The disclosure will be coordinated with distributions.

(The issue tracker and systemd-devel mailing list are fully public.)