[galaxy-dev] Security issues

2015-08-11 Thread Scott Szakonyi
Hello all, In testing our servers for security vulnerabilities, we've detected some cross-site scripting and SQL injection problems on our Galaxy server. Is that something that should be reported as a bug/problem? I did search the Trello board but didn't find any open security-related items.

Re: [galaxy-dev] Security issues

2015-08-11 Thread Dannon Baker
Hi Scott, Serious security problems should not be fixed via pull request - please responsibly disclose these by e-mailing them (with or without patches) to galaxy-...@lists.galaxyproject.org. The Galaxy core development team will issue patches to public servers before announcing the issue to

Re: [galaxy-dev] Security issues

2015-08-11 Thread Scott Szakonyi
Thanks Dannon, I will do that.

Best,
Scott

On Tue, Aug 11, 2015 at 10:20 AM, Dannon Baker dannon.ba...@gmail.com wrote:
Hi Scott, Serious security problems should not be fixed via pull request - please responsibly disclose these by e-mailing them (with or without patches) to