Project

General

Profile

Feature #10036

Feature #10034: Translation web platform

Check if Weblate has been audited already

Added by sajolida over 4 years ago. Updated 5 months ago.

Status:
Resolved
Priority:
Normal
Assignee:
-
Category:
Infrastructure
Target version:
-
Start date:
08/14/2015
Due date:
% Done:

100%

Feature Branch:
Type of work:
Research
Blueprint:
Starter:
Affected tool:

History

#1 Updated by sajolida over 4 years ago

  • Parent task set to #10034

#2 Updated by u about 4 years ago

According to the upstream author:
"There has been no official security audit so far. The code has been written quite cautiously, but that still does not prevent possible vulnerabilities, especially when using many third party libraries (eg. most vulnerabilities in Django affect Weblate as well)."

#3 Updated by u about 4 years ago

We might want to add this: https://pypi.python.org/pypi/django-secure

And as noted here: https://docs.djangoproject.com/en/1.8/topics/security/ we might want to add a plugin which throttles requests to authenticate users to prevent from brute force attacks.

#4 Updated by u about 4 years ago

  • Assignee changed from u to sajolida
  • % Done changed from 0 to 10
  • QA Check set to Ready for QA

#5 Updated by sajolida about 4 years ago

  • Assignee changed from sajolida to u

Why was this assigned to me? I probably created this ticket as part of the wrap-up of the notes from the summit but I have no personal interest in this audit :)

#6 Updated by u about 4 years ago

  • Status changed from Confirmed to Resolved

Sorry sajolida!

So I'll close this ticket, the answer is no :)

#7 Updated by intrigeri almost 3 years ago

  • % Done changed from 10 to 100

#8 Updated by intrigeri 12 months ago

  • QA Check deleted (Ready for QA)

#9 Updated by intrigeri 5 months ago

  • Assignee deleted (u)

Also available in: Atom PDF