Security Team message templates

Security Team message templates

Automated reply sent by security.drupal.org automatically

[Note: This is installed at http://lists.drupal.org/admin/security/?VARHELP=autoreply/autoresponse_postings_text]

Declined member application on low amount of contributions

Hello [name],

Email to a maintainer who has created a release tagged security update that is not related to an issue on s.d.o

Sometimes maintainers create releases and tag them as "security update" even though there is no issue on security.drupal.org corresponding

Email to issue reporter inviting them to view the issue on security.drupal.org

Note, notifications to module maintainers and the issue reporter happen automatically if the reporter files the issue on security.drupal.org

Invite reporter to submit an issue to the tracker directly

Hello {name},

Inviting a Security Team applicant to assist with an issue

Dear [person],

Issue assignment template

Subject:

Issue unpublished on drupal.org

Dear {name},

Letting a maintainer know that we plan to unsupport their module

When an issue looks like it won't get fixed:

Message to contrib maintainer asking for review

Looking for review from maintainer(s).

Message to contrib maintainer who hasn't responded to our report

Hello,

Message to reporter who hasn't responded

Message to remind the reporter to provide more details(status: Needs reporter response).

Reply to request for support including hacked sites

--If reporting a hacked site

Reporting a file uploaded to a Drupal.org issue

When someone reports information disclosure on a public file

Request for information about an upcoming release.

Request for information

Using the private tracker to report a bug or feature request

You've filed this issue into the private security team issue queue, but this doesn't appear to be a security issue.

Vulnerability which can be fixed publicly because it requires an advanced permission

1. Grant the module maintainer access to the issue so they will know what is going on.

Vulnerability which is only present in a non-stable release

1. Grant the module maintainer access to the issue so they will know what is going on.

Welcome as provisional security team member

Hi!

Guide maintainers

mlhess's picture