It sure would be nice to track issues for security.drupal.org.

Comments

dww’s picture

We have such a component on sec.d.o itself:

https://security.drupal.org/project/issues/security-website

Do we need one here, too?

avpaderno’s picture

Aren't the security issues supposed to be viewed only from the security team?

dww’s picture

He's talking about security.drupal.org webmaster/infrastructure tasks, like installing new modules, configuration changes, upgrading code, etc. Feature and bug requests about the sec.d.o website itself. But yes, that's another good reason not to do this -- people might see the new option, be confused, and submit requests here thinking that's the place to report suspected vulnerabilities...

drumm’s picture

Emails for this go out to the security list with all of our other issues handling security issues. I completely missed that queue even existed, assuming they were just other security issues.

I think these are infrastructure issues, just like any other *.d.o site, which all have components here.

avpaderno’s picture

Status: Active » Closed (won't fix)

I am marking this report as won't fix. Feel free to reopen it, if the current status is not correct.

dww’s picture

Component: Other » security.drupal.org
Status: Closed (won't fix) » Fixed

Actually, it's fixed, not "won't fix", since the component already exists (as evidenced by this comment). Not sure who actually added this, but I guess it doesn't matter... It's good to have a public place to discuss infra stuff for the sec.d.o site, just like all the other *.d.o sites.

Status: Fixed » Closed (fixed)

Automatically closed -- issue fixed for 2 weeks with no activity.

Project: Drupal.org infrastructure » Drupal Security Team
Component: security.drupal.org » Miscellaneous