PKI Bugs

From Dogtag
Revision as of 01:42, 8 May 2007 by Nkwan (talk | contribs)

(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to: navigation, search

Bugzilla Bug Database

Security Vulnerabilities

If you believe you have discovered a bug which has possible security consequences please let us know. You can enter security sensitive bugs in bugzilla (making sure that the "Security Sensitive Bug" permission option is checked) or by direct contact to the Security Response Team.

How to Write a Bug Report

The better the bug report the more likely the bug will get fixed. What makes a good report?

See if the bug already exists

Before entering a new bug do a quick search of existing ones to see if you have found a known issue/problem.

Provide clear and minimal steps to reproduce the bug

Certainly there are unexplained problems with software but often one can cause the bug to happen upon command. If this is the case, in as few steps as possible, clearly describe what you are doing. If this includes some specific data, include that as well (possibly as an attachment).

If you do have an unexplained crash, include as much information as possible as to what was going on: Was the server under load? How long had it been running? Did you run out of memory? Was the machine doing anything else at the time?

Describe the problem well.

This includes the bug title. "Server crashes" isn't a particularly descriptive title.

Include only one issue per bug report

This is for your benefit and for the developers. It will help ensure that things don't slip through the cracks.

Other things you might want to include

  • Snippets from the server error log
  • Snippets from the server access log
  • truss or strace output of the server process
  • stack trace (from a debug build)