|
|
@@ -19,7 +19,7 @@ security@djangoproject.com**.
|
|
|
|
|
|
Most normal bugs in Django are reported to `our public Trac
|
|
|
instance`_, but due to the sensitive nature of security issues, we ask
|
|
|
-that they *not* be publicly reported in this fashion.
|
|
|
+that they **not** be publicly reported in this fashion.
|
|
|
|
|
|
Instead, if you believe you've found something in Django which has
|
|
|
security implications, please send a description of the issue via
|
|
|
@@ -28,15 +28,17 @@ reaches a subset of the core development team, who can forward
|
|
|
security issues into the private committers' mailing list for broader
|
|
|
discussion if needed.
|
|
|
|
|
|
-You can send encrypted email to this address; the public key ID for
|
|
|
-``security@djangoproject.com`` is ``0xfcb84b8d1d17f80b``, and this
|
|
|
-public key is available from most commonly-used keyservers.
|
|
|
-
|
|
|
Once you've submitted an issue via email, you should receive an
|
|
|
acknowledgment from a member of the Django development team within 48
|
|
|
hours, and depending on the action to be taken, you may receive
|
|
|
further followup emails.
|
|
|
|
|
|
+.. note::
|
|
|
+
|
|
|
+ If you want to send an encrypted email (*optional*), the public key ID for
|
|
|
+ ``security@djangoproject.com`` is ``0xfcb84b8d1d17f80b``, and this public
|
|
|
+ key is available from most commonly-used keyservers.
|
|
|
+
|
|
|
.. _our public Trac instance: https://code.djangoproject.com/query
|
|
|
|
|
|
.. _security-support:
|
Loic Bistuer