Describe the bug reporting process in more detail
For vulnerability reporters who are newcomers to online bug tracking systems, a little additional instruction on filing security bugs can help reduce mistakes and requests for assistance with the process. Change-Id: I2d40b2aec377c63b0f50796abd406fa21265071f
This commit is contained in:
parent
85a22e290e
commit
93237657ad
|
@ -44,8 +44,12 @@ How to Report Security Issues to OpenStack
|
|||
We provide two ways to report issues to the OpenStack Vulnerability Management
|
||||
Team depending on how sensitive the issue is:
|
||||
|
||||
* Open a bug in Launchpad and mark it as a 'security bug'. This will make the
|
||||
bug Private and only accessible to the Vulnerability Management Team.
|
||||
* Search for the corresponding project at https://launchpad.net/ and after
|
||||
selecting it, click the 'Report a bug' link at the right. Fill in a
|
||||
summary and further information describing the issue, then click the
|
||||
'This bug is a security vulnerability' checkbox near the bottom of the
|
||||
page before submitting it. This will make the bug Private and only
|
||||
accessible to the Vulnerability Management Team.
|
||||
|
||||
* If the issue is extremely sensitive, please send an encrypted email to one
|
||||
of the Team's members. Their GPG keys can be found below, and are also
|
||||
|
|
Loading…
Reference in New Issue