Code

Opened 4 years ago

Closed 3 years ago

#12919 closed (fixed)

Ticket submission page should direct security issues to django-security.

Reported by: russellm Owned by: nobody
Component: *.djangoproject.com Version:
Severity: Keywords:
Cc: Triage Stage: Accepted
Has patch: no Needs documentation: no
Needs tests: no Patch needs improvement: no
Easy pickings: UI/UX:

Description

The "Create New Ticket" page in Trac gives lots of helpful "read this first" advice,but doesn't give one very important piece of advice - that security issues shouldn't be reported in Trac. Sample text for a new bullet point:

"If you are reporting something that you think might be a security issue, *DON'T POST IT HERE* - mail security@…. [See Django's security reporting policy http://docs.djangoproject.com/en/dev/internals/contributing/#id2] for more details"

Attachments (0)

Change History (3)

comment:1 Changed 4 years ago by russellm

  • Needs documentation unset
  • Needs tests unset
  • Patch needs improvement unset
  • Triage Stage changed from Unreviewed to Accepted

comment:2 Changed 4 years ago by ubernostrum

  • milestone 1.2 deleted

This is something we should do, but isn't critical to getting 1.2 out the door.

comment:3 Changed 3 years ago by jacob

  • Resolution set to fixed
  • Status changed from new to closed

Add Comment

Modify Ticket

Change Properties
<Author field>
Action
as closed
as The resolution will be set. Next status will be 'closed'
The resolution will be deleted. Next status will be 'new'
Author


E-mail address and user name can be saved in the Preferences.

 
Note: See TracTickets for help on using tickets.