Comment 6 for bug 395960
Revision history for this message
| Curtis Hovey (sinzui) wrote Re: 'private' Librarian opens us to security vulnerabilities | #6 |
© 2004
Canonical Ltd.
•
Terms of use
•
Data privacy
•
Contact Launchpad Support
•
Blog
•
Careers
•
System status
•
35a32c5
(Get the code!)
I agree it is not the best way. But I am certain this bug was not high. This bugs we believe were more important were worked instead. Launchpad has more high bugs that engineers will address in the next 6 months. These bugs are lying about their priority. All parties subscribed to a bug are obligated to re-evaluate a bugs priority as the system and the way launchpad is used changes. A bug that is low will not be low if the need for it changes. (And high bugs do become low as needs change.)
Our rules for critial priortisation are lose of user data, security issues users are experiencing, privacy issues users are experiencing. I have found and fixed a dozen bugs, some reported by Launchpad engineers, that would have been fixed months sooner if someone had taken the time to read the bug, judge the priorty, and start a discussion about why the priority was selected.
So in summary. The foundations team demonstrated this bug was not a priority, and no subscriber challenged it until recently. Something in the system, or how Launchpad is used, or we have changed and we think this bug needs re-evaluation. This is the correct and expected behaviour. I welcome someone to give this bug a high priorty and treat is as such.