[01:09] <sarnold> tomreyn: I can't access https://launchpad.net/bugs/2046565 I get the "lost something?" page. are you sure you've got the right visibility flags and subscriptions on it?
[01:11] <tomreyn> sarnold: i can access it when logged in. i filed a "private security" bug. apparently only brian-murray §may be notified" about it.
[01:11] <tomreyn> "may be notified"
[01:11] <tomreyn> "other bug subscribers" appears to be empty. whom should i subscribe?
[01:12] <tomreyn> on the top it says "Only the security group can see this information."
[01:12] <sarnold> I wonder if i"m not in the security team? heh
[01:13] <tomreyn> i guess visibility may be limited because it's not an ubuntu project?
[01:13] <sarnold> yeah, that's probably it
[01:13] <tomreyn> https://i.imgur.com/tKNMqGJ.png
[01:13] <sarnold> it's weird because we can see some openstack stuff but maybe not all of it?
[01:14] <sarnold> if this is apport, please also subscribe ubuntu-security
[01:14] <tomreyn> it's not an apport generated bug report
[01:15] <tomreyn> i just subscribed the ubuntu security team
[01:15] <tomreyn> https://launchpad.net/~ubuntu-security
[01:17] <sarnold> aha, thanks
[01:17] <tomreyn> the 'errors' software is managed by https://launchpad.net/~daisy-pluckers - three busy people whom i assumed to have received a copy of my report (but maybe they did not because it is flagged security?)
[01:17] <tomreyn> i also e-mailed them and the apparent (based on the topic here) security team handler on duty about it
[01:18] <sarnold> probably just brian, hehe
[01:20] <sarnold> tomreyn: thanks for the ping :)
[01:20] <tomreyn> so.. i suggest discussing internally how to ensure that private security bugs reported against (somewhat) important infrastructural software are received by someone who is able to act upon them
[01:20] <tomreyn> i'm sorry this boring bug ended up in your hands :)
[01:21] <tomreyn> and i appreciate your response.
[01:23] <sarnold> yeah, reporting to *one* person is a bit weaksauce
[01:25] <tomreyn> since brian is not a member of the security team i'm not even sure he received it
[01:26] <sarnold> I think he probably did -- at least I subscribe other folks to bugs all the time :)
[01:40] <tomreyn> very well. (but, yes, more recipients might be better.)
[01:42] <sarnold> definitely