How to report security related issues?

Skip to first unread message

Lucien van Wouw

Jan 5, 2016, 7:07:13 AM1/5/16
to Dataverse Users Community

I wonder how security issues can be reported other than the public github repository,
Is there a IQSS procedure for this ? Where can end users ( developers, dataverse maintainers, etc ) report them ?

Philip Durbin

Jan 5, 2016, 9:55:37 AM1/5/16
From what I can tell we don't explain very well that we *don't* want security issues to be reported in public such as on this mailing list, the GitHub issue tracker, Twitter, IRC, etc.

Rather, please send anything security-related to which will create a private ticket in the IQSS/HMDC ticket tracker at

Let me see what I can do about documenting this properly (and perhaps setting up a dedicated email address). I'm looking at sites like the ones below but if anyone has a favorite writeup of how to report security vulnerabilities, please let us know:




You received this message because you are subscribed to the Google Groups "Dataverse Users Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email to
To post to this group, send email to
To view this discussion on the web visit
For more options, visit

Reply all
Reply to author
0 new messages