1
0
mirror of https://github.com/django/django.git synced 2025-10-25 14:46:09 +00:00

Rephrased the docs for reporting security issues to make it less intimidating.

This commit is contained in:
Loic Bistuer
2013-07-16 17:14:16 +07:00
parent 862a04a56d
commit aff0aa3af8

View File

@@ -19,7 +19,7 @@ security@djangoproject.com**.
Most normal bugs in Django are reported to `our public Trac Most normal bugs in Django are reported to `our public Trac
instance`_, but due to the sensitive nature of security issues, we ask instance`_, but due to the sensitive nature of security issues, we ask
that they *not* be publicly reported in this fashion. that they **not** be publicly reported in this fashion.
Instead, if you believe you've found something in Django which has Instead, if you believe you've found something in Django which has
security implications, please send a description of the issue via security implications, please send a description of the issue via
@@ -28,15 +28,17 @@ reaches a subset of the core development team, who can forward
security issues into the private committers' mailing list for broader security issues into the private committers' mailing list for broader
discussion if needed. discussion if needed.
You can send encrypted email to this address; the public key ID for
``security@djangoproject.com`` is ``0xfcb84b8d1d17f80b``, and this
public key is available from most commonly-used keyservers.
Once you've submitted an issue via email, you should receive an Once you've submitted an issue via email, you should receive an
acknowledgment from a member of the Django development team within 48 acknowledgment from a member of the Django development team within 48
hours, and depending on the action to be taken, you may receive hours, and depending on the action to be taken, you may receive
further followup emails. further followup emails.
.. note::
If you want to send an encrypted email (*optional*), the public key ID for
``security@djangoproject.com`` is ``0xfcb84b8d1d17f80b``, and this public
key is available from most commonly-used keyservers.
.. _our public Trac instance: https://code.djangoproject.com/query .. _our public Trac instance: https://code.djangoproject.com/query
.. _security-support: .. _security-support: