Skip to main content


Eclipse Community Forums
Forum Search:

Search      Help    Register    Login    Home
Home » Archived » BIRT » How to handle reporting of a security bug?(How to handle reporting of a security bug?)
How to handle reporting of a security bug? [message #652329] Thu, 03 February 2011 15:36 Go to next message
Jeff Beard-Shouse is currently offline Jeff Beard-ShouseFriend
Messages: 1
Registered: February 2011
Junior Member
I am a security researcher with Security PS. I have found a vulnerability in this software package and would like to report it. I did find this post detailing the presence of a special security check box on the bug report submission form. I however did not see it when I went to fill in the bug report form. I am wondering if that check box only appears for committers?
My main question is what is the best way to disclose a security vulnerability to this project? As I want to do so in the most responsible way possible.

Thanks,
Jeff Beard-Shouse
Security Consultant, Security PS
jbeardshouse (a) securityps.com

[Updated on: Thu, 03 February 2011 15:38]

Report message to a moderator

Re: How to handle reporting of a security bug? [message #652397 is a reply to message #652329] Thu, 03 February 2011 17:53 Go to previous message
Jason Weathersby is currently offline Jason WeathersbyFriend
Messages: 9167
Registered: July 2009
Senior Member
Thanks Jeff. I sent you an email to discuss.

On 2/3/2011 10:36 AM, Jeff Beard-Shouse wrote:
> I am a security researcher with http://securityps.com I have found a
> vulnerability in this software package and would like to report it. I
> did find
> http://dev.eclipse.org/mhonarc/lists/eclipse.org-committers/ msg00511.html post
> detailing the presence of a of a special security check box on the bug
> report submission form. I however did not see it when I went to fill in
> the bug report form. I am wondering if that check box only appears for
> committers?
> My main question is what is the best way to disclose a security
> vulnerability to this project? As I want to do so in the most
> responsible way possible.
>
> Thanks,
> Jeff Beard-Shouse
> Security Consultant, Security PS
> mailto:jbeardshouse@securityps.com

Report message to a moderator

Previous Topic:Problem with export to pdf
Next Topic:How to transform data for use in a pie chart
Goto Forum:
  

[ Syndicate this forum (XML) ] [ RSS ]

Current Time: Fri Apr 19 01:08:52 GMT 2024

Powered by FUDForum. Page generated in 0.02851 seconds
.:: Contact :: Home ::.

Powered by: FUDforum 3.0.2.
Copyright ©2001-2010 FUDforum Bulletin Board Software

Back to the top

Sign up to our Newsletter

A fresh new issue delivered monthly