=== user03 is now known as gchound | ||
sarnold | tomreyn: I can't access https://launchpad.net/bugs/2046565 I get the "lost something?" page. are you sure you've got the right visibility flags and subscriptions on it? | 01:09 |
---|---|---|
tomreyn | sarnold: i can access it when logged in. i filed a "private security" bug. apparently only brian-murray §may be notified" about it. | 01:11 |
tomreyn | "may be notified" | 01:11 |
tomreyn | "other bug subscribers" appears to be empty. whom should i subscribe? | 01:11 |
tomreyn | on the top it says "Only the security group can see this information." | 01:12 |
sarnold | I wonder if i"m not in the security team? heh | 01:12 |
tomreyn | i guess visibility may be limited because it's not an ubuntu project? | 01:13 |
sarnold | yeah, that's probably it | 01:13 |
tomreyn | https://i.imgur.com/tKNMqGJ.png | 01:13 |
sarnold | it's weird because we can see some openstack stuff but maybe not all of it? | 01:13 |
sarnold | if this is apport, please also subscribe ubuntu-security | 01:14 |
tomreyn | it's not an apport generated bug report | 01:14 |
tomreyn | i just subscribed the ubuntu security team | 01:15 |
tomreyn | https://launchpad.net/~ubuntu-security | 01:15 |
sarnold | aha, thanks | 01:17 |
tomreyn | the 'errors' software is managed by https://launchpad.net/~daisy-pluckers - three busy people whom i assumed to have received a copy of my report (but maybe they did not because it is flagged security?) | 01:17 |
tomreyn | i also e-mailed them and the apparent (based on the topic here) security team handler on duty about it | 01:17 |
sarnold | probably just brian, hehe | 01:18 |
sarnold | tomreyn: thanks for the ping :) | 01:20 |
tomreyn | so.. i suggest discussing internally how to ensure that private security bugs reported against (somewhat) important infrastructural software are received by someone who is able to act upon them | 01:20 |
tomreyn | i'm sorry this boring bug ended up in your hands :) | 01:20 |
tomreyn | and i appreciate your response. | 01:21 |
sarnold | yeah, reporting to *one* person is a bit weaksauce | 01:23 |
tomreyn | since brian is not a member of the security team i'm not even sure he received it | 01:25 |
sarnold | I think he probably did -- at least I subscribe other folks to bugs all the time :) | 01:26 |
tomreyn | very well. (but, yes, more recipients might be better.) | 01:40 |
sarnold | definitely | 01:42 |
=== chris14_ is now known as chris14 | ||
=== user03 is now known as gchound | ||
=== JanC is now known as Guest9721 | ||
=== JanC_ is now known as JanC |
Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!