Hi,
There is now a mechanism in place for reporting security bugs via
Bugzilla. If you look at the footer, you should now see a 'Report
security bug' link. This allows someone who has a Bugzilla account to
enter a bug in a new BZ product called 'Koha security'.
Bugs reported in this fashion are
Galen Charlton schreef op di 04-02-2014 om 14:40 [-0800]:
> This is not set in stone, so I invite discussion of the security
> policy. I also invite anybody who may have been sitting on security
> bugs for lack of a means to report them securely to go ahead and use
> BZ.
I'd suggest adding a link
I've created the page http://www.koha-community.org/security explicitly
for this purpose.
Liz
On 05/02/14 11:52, Robin Sheat wrote:
> Galen Charlton schreef op di 04-02-2014 om 14:40 [-0800]:
>> This is not set in stone, so I invite discussion of the security
>> policy. I also invite anybody who m
Hi,
On Tue, Feb 4, 2014 at 2:52 PM, Robin Sheat wrote:
> Also, would it perhaps be good to autosubscribe the people on that list
> to the bug (if that's not happening already)?
We'll need to figure out the best way of doing this, since there is no
way in BZ to specify that members of a given gro