mirror of
				https://github.com/django/django.git
				synced 2025-10-25 06:36:07 +00:00 
			
		
		
		
	Merge pull request #1358 from loic/docs
Rephrased the docs for reporting security issues to make it less intimidating.
This commit is contained in:
		| @@ -19,7 +19,7 @@ security@djangoproject.com**. | ||||
|  | ||||
| Most normal bugs in Django are reported to `our public Trac | ||||
| instance`_, but due to the sensitive nature of security issues, we ask | ||||
| that they *not* be publicly reported in this fashion. | ||||
| that they **not** be publicly reported in this fashion. | ||||
|  | ||||
| Instead, if you believe you've found something in Django which has | ||||
| security implications, please send a description of the issue via | ||||
| @@ -28,15 +28,17 @@ reaches a subset of the core development team, who can forward | ||||
| security issues into the private committers' mailing list for broader | ||||
| discussion if needed. | ||||
|  | ||||
| You can send encrypted email to this address; the public key ID for | ||||
| ``security@djangoproject.com`` is ``0xfcb84b8d1d17f80b``, and this | ||||
| public key is available from most commonly-used keyservers. | ||||
|  | ||||
| Once you've submitted an issue via email, you should receive an | ||||
| acknowledgment from a member of the Django development team within 48 | ||||
| hours, and depending on the action to be taken, you may receive | ||||
| further followup emails. | ||||
|  | ||||
| .. note:: | ||||
|  | ||||
|     If you want to send an encrypted email (*optional*), the public key ID for | ||||
|     ``security@djangoproject.com`` is ``0xfcb84b8d1d17f80b``, and this public | ||||
|     key is available from most commonly-used keyservers. | ||||
|  | ||||
| .. _our public Trac instance: https://code.djangoproject.com/query | ||||
|  | ||||
| .. _security-support: | ||||
|   | ||||
		Reference in New Issue
	
	Block a user