attachment removal and public transition in same e-mail
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
Launchpad itself |
Triaged
|
High
|
Unassigned |
Bug Description
In the event that an attachment is removed, for example a CoreDump.gz, and a bug is made public within a short period of time both events will show up in the e-mail to the ubuntu-bugs mailing. Since the attachment isn't removed right away its possible for someone monitoring the mailing list to still get the "deleted" attachment.
Here's an e-mail to the mailing list:
From: Brian Murray <email address hidden>
To: <email address hidden>
X-Launchpad-Bug: distribution=
status=New; importance=Medium; assignee=None;
X-Launchpad-
X-Launchpad-
X-Launchpad-
X-Launchpad-
References: <email address hidden>
Message-Id: <email address hidden>
Subject: [Bug 323858] Re: compiz.real crashed with SIGSEGV in g_slist_prepend()
X-Launchpad-
Precedence: bulk
X-Generated-By: Launchpad (canonical.com); Revision="None";
X-Launchpad-Hash: d7c8186d554906b
X-BeenThere: <email address hidden>
X-Mailman-Version: 2.1.8
Reply-To: Bug 323858 <email address hidden>
List-Id: Ubuntu bug tracker changes - HIGH VOLUME
List-Unsubscribe: <https:/
List-Post: <mailto:<email address hidden>>
List-Help: <mailto:<email address hidden>
List-Subscribe: <https:/
Content-Type: text/plain; charset="us-ascii"
Content-
Sender: <email address hidden>
Errors-To: <email address hidden>
Delivered-To: <email address hidden>
** Attachment removed: "CoreDump.gz"
http://
** Visibility changed to: Public
** Changed in: compiz (Ubuntu)
Importance: Undecided => Medium
--
compiz.real crashed with SIGSEGV in g_slist_prepend()
https:/
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
Changed in malone: | |
milestone: | 2.2.5 → 2.2.6 |
Changed in malone: | |
milestone: | 2.2.6 → none |
Changed in apport (Ubuntu): | |
status: | Triaged → Invalid |
no longer affects: | apport (Ubuntu) |
visibility: | private → public |
A simple fix for this issue would be to not generate notifications for attachment removals on private bugs. That's not necessarily The Right Thing but it solves the problem until we can produce a better, security-aware notification system.