When a security issue is discovered, we consider it good practice to keep the information under quarantine until the issue is properly analysed and fixed to limit attack exposure. We do not have a way to address this in our current JIRA configuration.
issues.jboss.org has a workflow. we could ask Vlastimil Elias from the jboss.org team for more info if needed.
Note that the restrict visibility to a specific group (edit screen) does not seem to have any effect.
|