Talk:Reporting security bugs

From mediawiki.org

Redundancy

This page partly duplicates Security and is less discoverable. Can the two be merged or coordinated in some way, please? --Nemo 12:05, 31 January 2017 (UTC)

When should a bug be reported as a security issue?

Sometimes, I find a bug and I don't really know if it should be considered as a security issue or not. It would be useful to have some criteria on this page.

To give examples: I didn't report phab:T33656, phab:T45137, phab:T102063 and phab:T150796 as security bugs. The last one was marked as a security bug afterwards. Should I have reported the others as such?

Of course, I could just mark bugs as security when I'm not sure and let the security team decide. But the resources to fix those issues seem limited (since only a small number of people can see them), so I don't want to needlessly do it.

Orlodrim (talk) 22:05, 23 May 2019 (UTC)