An odd vulnerability report for LibreOffice
Posted Oct 6, 2011 14:04 UTC (Thu) by epa
In reply to: An odd vulnerability report for LibreOffice
Parent article: An odd vulnerability report for LibreOffice
The 'rules' document you mentioned defines NOTABUG as follows:
The problem described is not a bug. An explaination of why this resolution has been chosen should be supplied.
Comment 14 in the bug report simply says that this is not a security issue.
My point is that while it may not be a security issue, it is a bug, and that therefore the NOTABUG resolution, as defined in the explanation document you gave, is not appropriate. It is defined as meaning "The problem described is not a bug", which is not at all the same as "It is a bug, but not the particular kind of bug appropriate to this component in Bugzilla".
Still, as you say, it looks like the bug was dealt with in this case because it was already fixed upstream; it's just the Bugzilla entry which is misleading.
It would be good for Bugzilla to have a MISFILED resolution for reports filed against the wrong component or whatever. That would provide a way to close them without making a claim that "this is not a bug" or "we will not fix it".
to post comments)