[Tracker-discuss] [issue393] Security policy should be visible on top page of tracker, maybe every page
metatracker at psf.upfronthosting.co.za
Sun Apr 17 15:52:04 CEST 2011
New submission from Stephen Turnbull <stephen at xemacs.org>:
Python's documentation should make it clear at the most important entry points that the appropriate place to report possible security issues is security at python.org, not the tracker. In particular, the tracker's top page (the one you get from http://bugs.python.org/) should make that clear.
See the News/Security Advisories on Python's main pages and Brian Curtin's 2011-04-14 post for reasonable descriptions of the de facto policy.
The Tracker documentation probably should be updated with this as well.
It might be a good idea to have a way for triagers to suppress display of security issues by classifying them as security (eg, via priority, keyword, or possibly even resolution).
Xref thread starting at http://mail.python.org/pipermail/python-dev/2011-April/110722.html.
title: Security policy should be visible on top page of tracker, maybe every page
PSF Meta Tracker <metatracker at psf.upfronthosting.co.za>
More information about the Tracker-discuss