[mapserver-dev] "Security/Vulnerability (Private)" tickets are not private
Even Rouault
even.rouault at mines-paris.org
Fri Nov 8 12:00:50 PST 2013
Hi,
The label "Security/Vulnerability (Private)" in github doesn't result in
tickets that are only visible by the reporter or the security team. The
tickets just seem to be world visible. See the following dummy ticket :
https://github.com/mapserver/mapserver/issues/4806
I'm not sure if it can be solved. If not, we should probably remove that label
and edit http://www.mapserver.org/development/bugs.html to have a more
appropriate procedure.
It used to work with Trac if I remember well. Should we re-enable Trac tickets
just for security related tickets ?
Even
--
Geospatial professional services
http://even.rouault.free.fr/services.html
More information about the mapserver-dev
mailing list