On feedback from Andre it seems folks have competing/vague/fuzzy ideas about WHAT a security issue is. That seems fair as we don't try to describe our model/view of it anywhere that I can find. Seems like a needed section to our reporting page
Description
Description
| Status | Subtype | Assigned | Task | ||
|---|---|---|---|---|---|
| Resolved | • chasemp | T240490 Revamping Security-Team Work Intake and Flows | |||
| Resolved | • chasemp | T240901 Write 'What is a Security Issue' for mw.org report page |
Event Timeline
Comment Actions
first crack at this, we can revise that language and massage as we go
https://www.mediawiki.org/wiki/Reporting_security_bugs#What_is_Considered_A_Security_Issue