Code

Opened 7 months ago

Closed 7 months ago

Last modified 7 months ago

#21121 closed New feature (fixed)

Docs should contain a list of all security issues

Reported by: russellm Owned by: nobody
Component: Documentation Version: 1.5
Severity: Normal Keywords:
Cc: Triage Stage: Accepted
Has patch: no Needs documentation: no
Needs tests: no Patch needs improvement: no
Easy pickings: no UI/UX: no

Description

Suggestion via Graham Dumpleton on Twitter:

Django has policies for handling security releases. However we don't have a single canonical archive of every security problem that has been found. You either need to work through the blog archive, or work through the point release documentation.

We should add a summary page to our docs listing every security problem, severity, and affected versions.

Attachments (0)

Change History (5)

comment:1 Changed 7 months ago by grahamd

Vulnerability database link for Django Software Foundation:

http://osvdb.org/vendor/32442-django-software-foundation/1

comment:2 Changed 7 months ago by James Bennett <james@…>

  • Resolution set to fixed
  • Status changed from new to closed

In a2e25e8a830b1d8b3daa9afb1c2ad4f954bb7d3c:

Fix #21121: Add archive of security issues.

comment:3 Changed 7 months ago by Russell Keith-Magee <russell@…>

In bbabc5325c78a5d591e5c48ddfb8bf9a0a861a68:

Merge pull request #1641 from ubernostrum/security-issues-docs-21121

Fix #21121: Add archive of security issues.

comment:4 Changed 7 months ago by Russell Keith-Magee <russell@…>

In 886e876c7230bf2b3364d89f4240d00d8a3ab394:

[1.6.x] Fixed #21121: Added archive of security issues.

Backport of 9d3e60aa3e, 8e134c27c9, 8b3bae9466, c65ae7c969, bbabc5325c,
and a2e25e8a83 from master.

comment:5 Changed 7 months ago by Russell Keith-Magee <russell@…>

In 75c0aa43d33d1a6e1aad306ea144226843b1edab:

[1.5.x] Fixed #21121: Added archive of security issues.

Backport of 9d3e60a, 8e134c2, 8b3bae9, c65ae7c, bbabc53,
and a2e25e8 from master.

Add Comment

Modify Ticket

Change Properties
<Author field>
Action
as closed
as The resolution will be set. Next status will be 'closed'
The resolution will be deleted. Next status will be 'new'
Author


E-mail address and user name can be saved in the Preferences.

 
Note: See TracTickets for help on using tickets.