You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@spamassassin.apache.org by bu...@bugzilla.spamassassin.org on 2004/08/13 01:17:35 UTC

[Bug 3681] New: security addresses and bug tracking

http://bugzilla.spamassassin.org/show_bug.cgi?id=3681

           Summary: security addresses and bug tracking
           Product: Spamassassin
           Version: unspecified
          Platform: Other
        OS/Version: other
            Status: NEW
          Severity: normal
          Priority: P1
         Component: Documentation
        AssignedTo: spamassassin-dev@incubator.apache.org
        ReportedBy: quinlan@pathname.com


Set up an official address for security-related issues at
security@spamassassin.apache.org which would send issues to:

  - SpamAssassin PMC or committers (or whatever we decide our security
    group is)
  - protected Bugzilla submission (only viewable by PMC or committers)

My model for how this should be published is:

  http://httpd.apache.org/security_report.html

The second task which is obviously predicated on Bugzilla support
is setting up a product/component for security issues that is only
viewable by the PMC or committers.  If we do this (I think we should),
it would be optimal to also feed it with security@ messages so all
security issues would be ticketed and tracked automatically.



------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.