mirror of
https://github.com/django/django.git
synced 2025-10-23 21:59:11 +00:00
Merge pull request #1358 from loic/docs
Rephrased the docs for reporting security issues to make it less intimidating.
This commit is contained in:
@@ -19,7 +19,7 @@ security@djangoproject.com**.
|
||||
|
||||
Most normal bugs in Django are reported to `our public Trac
|
||||
instance`_, but due to the sensitive nature of security issues, we ask
|
||||
that they *not* be publicly reported in this fashion.
|
||||
that they **not** be publicly reported in this fashion.
|
||||
|
||||
Instead, if you believe you've found something in Django which has
|
||||
security implications, please send a description of the issue via
|
||||
@@ -28,15 +28,17 @@ reaches a subset of the core development team, who can forward
|
||||
security issues into the private committers' mailing list for broader
|
||||
discussion if needed.
|
||||
|
||||
You can send encrypted email to this address; the public key ID for
|
||||
``security@djangoproject.com`` is ``0xfcb84b8d1d17f80b``, and this
|
||||
public key is available from most commonly-used keyservers.
|
||||
|
||||
Once you've submitted an issue via email, you should receive an
|
||||
acknowledgment from a member of the Django development team within 48
|
||||
hours, and depending on the action to be taken, you may receive
|
||||
further followup emails.
|
||||
|
||||
.. note::
|
||||
|
||||
If you want to send an encrypted email (*optional*), the public key ID for
|
||||
``security@djangoproject.com`` is ``0xfcb84b8d1d17f80b``, and this public
|
||||
key is available from most commonly-used keyservers.
|
||||
|
||||
.. _our public Trac instance: https://code.djangoproject.com/query
|
||||
|
||||
.. _security-support:
|
||||
|
Reference in New Issue
Block a user