Project

General

Profile

Feature #10036

Feature #10034: Translation web platform

Check if Weblate has been audited already

Added by sajolida over 4 years ago. Updated 8 months ago.

Status:
Resolved
Priority:
Normal
Assignee:
-
Category:
Infrastructure
Target version:
-
Start date:
08/14/2015
Due date:
% Done:

100%

Feature Branch:
Type of work:
Research
Blueprint:
Starter:
Affected tool:

History

#1 Updated by sajolida over 4 years ago

  • Parent task set to #10034

#2 Updated by Anonymous over 4 years ago

According to the upstream author:
"There has been no official security audit so far. The code has been written quite cautiously, but that still does not prevent possible vulnerabilities, especially when using many third party libraries (eg. most vulnerabilities in Django affect Weblate as well)."

#3 Updated by Anonymous over 4 years ago

We might want to add this: https://pypi.python.org/pypi/django-secure

And as noted here: https://docs.djangoproject.com/en/1.8/topics/security/ we might want to add a plugin which throttles requests to authenticate users to prevent from brute force attacks.

#4 Updated by Anonymous over 4 years ago

  • Assignee changed from Anonymous to sajolida
  • % Done changed from 0 to 10
  • QA Check set to Ready for QA

#5 Updated by sajolida over 4 years ago

  • Assignee changed from sajolida to Anonymous

Why was this assigned to me? I probably created this ticket as part of the wrap-up of the notes from the summit but I have no personal interest in this audit :)

#6 Updated by Anonymous over 4 years ago

  • Status changed from Confirmed to Resolved

Sorry sajolida!

So I'll close this ticket, the answer is no :)

#7 Updated by intrigeri about 3 years ago

  • % Done changed from 10 to 100

#8 Updated by intrigeri about 1 year ago

  • QA Check deleted (Ready for QA)

#9 Updated by intrigeri 8 months ago

  • Assignee deleted (Anonymous)

Also available in: Atom PDF