Thanks Dannon, I will do that.
On Tue, Aug 11, 2015 at 10:20 AM, Dannon Baker <dannon.ba...@gmail.com>
> Hi Scott,
> Serious security problems should not be fixed via pull request - please
> responsibly disclose these by e-mailing them (with or without patches) to
> galaxy-...@lists.galaxyproject.org. The Galaxy core development team will
> issue patches to public servers before announcing the issue to ensure there
> is time to patch and highlight these fixes widely. We will provide you
> credit for the discovery when publicly disclosing the issue.
> On Tue, Aug 11, 2015 at 10:16 AM, Scott Szakonyi <
> scott.b.szakony...@nd.edu> wrote:
>> Hello all,
>> In testing our servers for security vulnerabilities, we've detected some
>> cross site scripting and SQL injection problem on our Galaxy server. Is
>> that something that should be reported as a bug/problem? I did search the
>> Trello board but didn't find any open security related items.
>> Scott B. Szakonyi
>> Research Programmer
>> *Center for Research Computing*
>> 107 Information Technology Center
>> Notre Dame, IN 46556
>> Please keep all replies on the list by using "reply all"
>> in your mail client. To manage your subscriptions to this
>> and other Galaxy lists, please use the interface at:
>> To search Galaxy mailing lists use the unified search at:
Scott B. Szakonyi
*Center for Research Computing*
107 Information Technology Center
Notre Dame, IN 46556
Please keep all replies on the list by using "reply all"
in your mail client. To manage your subscriptions to this
and other Galaxy lists, please use the interface at:
To search Galaxy mailing lists use the unified search at: