Merge pull request #1358 from loic/docs

Rephrased the docs for reporting security issues to make it less intimidating.
This commit is contained in:
Tim Graham 2013-07-16 03:20:59 -07:00
commit ce5c8a392f
1 changed files with 7 additions and 5 deletions

View File

@ -19,7 +19,7 @@ security@djangoproject.com**.
Most normal bugs in Django are reported to `our public Trac
instance`_, but due to the sensitive nature of security issues, we ask
that they *not* be publicly reported in this fashion.
that they **not** be publicly reported in this fashion.
Instead, if you believe you've found something in Django which has
security implications, please send a description of the issue via
@ -28,15 +28,17 @@ reaches a subset of the core development team, who can forward
security issues into the private committers' mailing list for broader
discussion if needed.
You can send encrypted email to this address; the public key ID for
``security@djangoproject.com`` is ``0xfcb84b8d1d17f80b``, and this
public key is available from most commonly-used keyservers.
Once you've submitted an issue via email, you should receive an
acknowledgment from a member of the Django development team within 48
hours, and depending on the action to be taken, you may receive
further followup emails.
.. note::
If you want to send an encrypted email (*optional*), the public key ID for
``security@djangoproject.com`` is ``0xfcb84b8d1d17f80b``, and this public
key is available from most commonly-used keyservers.
.. _our public Trac instance: https://code.djangoproject.com/query
.. _security-support: