Hello I'm writing a patch for reportbug, and I believe the cgi might need some minor tweaks: If the bugreport is a security problem, reportbug asks whether it is an undisclosed vulnerability. If the answer is Yes, the report is NOT to be sent to submit@bugs.debian.org but rather to team@security.debian.org. Right now, the CGI will override the destination and publish the problem on the BTS, which is probably a Bad idea™. Additionnaly, there are a few other addresses that would be nice to support: reportbug -kudos sends mail to: _package_ @packages.debian.org If the security tag is present, reportbug will cc: Debian Security Team <team@security.debian.org> Debian Testing Security Team <secure-testing-team@lists.alioth.debian.org> If the user sends additionnal information, report bug will send to Debian Bug Tracking System <nnnnnn@bugs.debian.org> Right now the cgi will post to submit, and it might be catched by the BTS [1] but it would be nice to support these addresses too. The bugreport cc: option is only writing X-Debbugs-CC headers, so this is not an issue. How bad would it be to support all adresses matching *@*.debian.org in to: and cc:, regarding spams? My perl level is close to nil. Can anyone look into that? [1] http://www.debian.org/Bugs/Developer#subjectscan
Attachment:
signature.asc
Description: This is a digitally signed message part.