| 2006-09-22 17:15:28 |
Matt Zimmerman |
bug |
|
|
added bug |
| 2006-10-12 16:37:59 |
Brad Bollenbach |
malone: status |
Unconfirmed |
Confirmed |
|
| 2006-10-12 16:37:59 |
Brad Bollenbach |
malone: statusexplanation |
|
I think this probably makes sense.
There was discussion previously that sometimes some bugs would be so secret that only the security contacts for some of the affected software should be allowed to see it, but there's no evidence so far that Malone needs to handle that use case. |
|
| 2007-01-08 16:25:59 |
Matt Zimmerman |
bug |
|
|
added subscriber Ubuntu Security Team |
| 2007-01-08 23:54:04 |
Matt Zimmerman |
title |
Security subscription should be implicit |
Security contact unsubscription should be simpler |
|
| 2007-01-10 20:18:50 |
Christian Reis |
malone: importance |
Undecided |
Medium |
|
| 2007-01-10 20:18:50 |
Christian Reis |
malone: statusexplanation |
I think this probably makes sense.
There was discussion previously that sometimes some bugs would be so secret that only the security contacts for some of the affected software should be allowed to see it, but there's no evidence so far that Malone needs to handle that use case. |
|
|
| 2007-08-08 21:36:07 |
Christian Reis |
description |
It sometimes happens that a bug is filed with the security flag set inappropriately (though thankfully this is less common with the latest UI). Correcting this situation is a multi-step process since the security contact must be unsubscribed.
As our solution to similar problems elsewhere has been to use implicit subscriptions, this should behave the same way. |
Currently the security contact needs to be manually updated when we change the security flag of an existing bug. This should be simplified with special handling of these two transitions:
- When the bug moves from security to public, you should be able to optionally unsubscribe the security team; on by default.
- When the bug moves from public to security, you should be able to optionally subscribe the security team; on by default. You should also be subscribed to the bug if you weren't subscribed to it before.
There's the question of whether the email interface should do this as well; I don't think it needs to, since it's easy to subscribe or unsubscribe users there. The self-subscription makes sense to avoid locking yourself out of a bug, but I'm option that that (kiko)
|
|
| 2007-08-08 21:36:07 |
Christian Reis |
title |
Security contact unsubscription should be simpler |
When the security flag changes, also change the subscription of the security contact |
|
| 2007-10-29 22:32:26 |
Christian Reis |
malone: assignee |
|
jsk |
|
| 2007-10-29 22:32:26 |
Christian Reis |
malone: milestone |
1.1.12 |
1.2.1 |
|
| 2008-01-04 19:04:48 |
Jonathan Knowles |
malone: assignee |
jsk |
bjornt |
|
| 2008-01-14 20:46:54 |
Björn Tillenius |
malone: milestone |
1.2.1 |
1.2.3 |
|
| 2008-02-25 08:33:14 |
Björn Tillenius |
malone: milestone |
1.2.3 |
1.2.4 |
|
| 2008-03-18 14:31:57 |
Björn Tillenius |
malone: milestone |
1.2.4 |
1.2.6 |
|
| 2008-04-07 10:08:51 |
Björn Tillenius |
malone: milestone |
1.2.6 |
|
|
| 2009-04-22 20:12:08 |
Graham Binns |
malone: importance |
Medium |
High |
|
| 2009-04-22 20:12:08 |
Graham Binns |
malone: assignee |
Björn Tillenius (bjornt) |
|
|
| 2009-04-23 08:56:28 |
Eleanor Berger |
malone: milestone |
|
2.2.4 |
|
| 2009-04-24 11:55:04 |
Eleanor Berger |
malone: status |
Triaged |
In Progress |
|
| 2009-04-24 11:55:04 |
Eleanor Berger |
malone: assignee |
|
Tom Berger (intellectronica) |
|
| 2009-04-24 19:20:46 |
Diogo Matsubara |
malone: status |
In Progress |
Fix Committed |
|
| 2009-04-30 14:25:21 |
Björn Tillenius |
malone: status |
Fix Committed |
Fix Released |
|
