Document on ring.cx how to report security vulnerabilities
Issue generated from Tuleap's migration script. Originally submitted by: Ciro Santilli (cirosantilli)
Cannot be public of course, so how should they be reported?
A ring-vuln
mailing list readable only by devs would be a solution.
An even better solution would be to be able to create private issues here on Tuleap to make it easier to track security bugs.