Hello I'm writing a patch for reportbug, and I believe the cgi might need some minor tweaks: If the bugreport is a security problem, reportbug asks whether it is an undisclosed vulnerability. If the answer is Yes, the report is NOT to be sent to email@example.com but rather to firstname.lastname@example.org. Right now, the CGI will override the destination and publish the problem on the BTS, which is probably a Bad idea™. Additionnaly, there are a few other addresses that would be nice to support: reportbug -kudos sends mail to: _package_ @packages.debian.org If the security tag is present, reportbug will cc: Debian Security Team <email@example.com> Debian Testing Security Team <firstname.lastname@example.org> If the user sends additionnal information, report bug will send to Debian Bug Tracking System <email@example.com> Right now the cgi will post to submit, and it might be catched by the BTS  but it would be nice to support these addresses too. The bugreport cc: option is only writing X-Debbugs-CC headers, so this is not an issue. How bad would it be to support all adresses matching *@*.debian.org in to: and cc:, regarding spams? My perl level is close to nil. Can anyone look into that?  http://www.debian.org/Bugs/Developer#subjectscan
Description: This is a digitally signed message part.