Hemiptera Bugtracker at bugs.linux-forks.de

hemiptera

A "hidded" report is needed for eg security bugs

Send replies to 18@bugs.linux-forks.de or using the Form below.
avatar From: OP
Fri, 06 Jul 2018 20:50:01 -0000

For security or similar important and dangerous bugs is a way neded, to

create a hidden bug report, otherwise eg an possible exploit would be

immediantly free visible

avatar From: Developer
Fri, 06 Jul 2018 20:55:01 -0000

I'm open to suggestions on how to implement this.

avatar From: OP
Fri, 06 Jul 2018 21:01:01 -0000

A special Tag in the subject of the mail and/or the possibity to add a tag to the confirmation mail.

That would also open the possibility to manually add tags to the bug reports

avatar From: Developer
Fri, 06 Jul 2018 21:06:01 -0000

Would require some work for per-tag html generation, but shouldn't be

too hard to do otherwise.

avatar From: Developer
Fri, 06 Jul 2018 21:08:01 -0000

Sorry, replied to the wrong message, subject got deleted [Reporting that

as bug]

avatar From: OP
Fri, 06 Jul 2018 21:10:01 -0000

An Example:

Subject: SECURITY: a bug report can execute a shell command

Content: You need only to place a command in $( )

This bug would then be hidden for security reasons, other possible tags could be PRIVACY, when a report needs private or otherwise informations which should not be shared, even local configurations are sensitive

And (or only) a tag HIDDEN, when any other tag is not applicable

avatar From: Developer
Fri, 06 Jul 2018 21:15:01 -0000

<a href="https://minetest.bananach.space" >This is an attempt at HTML injection</a>

avatar From: OP
Fri, 06 Jul 2018 21:16:01 -0000

Example 2:

The tag should similar be usable in the confirmation mail like this:

> Your bug has been registered. To prevent spam, you need to

> confirm it by answering to this message with the following

> confirmation id: XXXXXXXXXXXXXXXX. Just hitting reply

> should work.

SECURITY

Reply