CINXE.COM

<!DOCTYPE html> <html class="client-nojs vector-feature-language-in-header-disabled vector-feature-language-in-main-page-header-disabled vector-feature-sticky-header-disabled vector-feature-page-tools-pinned-disabled vector-feature-toc-pinned-clientpref-1 vector-feature-main-menu-pinned-disabled vector-feature-limited-width-clientpref-1 vector-feature-limited-width-content-enabled vector-feature-custom-font-size-clientpref-1 vector-feature-appearance-pinned-clientpref-1 vector-feature-night-mode-disabled skin-theme-clientpref-day vector-toc-available" lang="en" dir="ltr"> <head> <meta charset="UTF-8"> <title>Hlášení bezpečnostních chyb - MediaWiki</title> <script>(function(){var className="client-js vector-feature-language-in-header-disabled vector-feature-language-in-main-page-header-disabled vector-feature-sticky-header-disabled vector-feature-page-tools-pinned-disabled vector-feature-toc-pinned-clientpref-1 vector-feature-main-menu-pinned-disabled vector-feature-limited-width-clientpref-1 vector-feature-limited-width-content-enabled vector-feature-custom-font-size-clientpref-1 vector-feature-appearance-pinned-clientpref-1 vector-feature-night-mode-disabled skin-theme-clientpref-day vector-toc-available";var cookie=document.cookie.match(/(?:^|; )mediawikiwikimwclientpreferences=([^;]+)/);if(cookie){cookie[1].split('%2C').forEach(function(pref){className=className.replace(new RegExp('(^| )'+pref.replace(/-clientpref-\w+$|[^\w-]+/g,'')+'-clientpref-\\w+( |$)'),'$1'+pref+'$2');});}document.documentElement.className=className;}());RLCONF={"wgBreakFrames":false,"wgSeparatorTransformTable":[",\t."," \t,"],"wgDigitTransformTable":["",""], "wgDefaultDateFormat":"ČSN basic dt","wgMonthNames":["","leden","únor","březen","duben","květen","červen","červenec","srpen","září","říjen","listopad","prosinec"],"wgRequestId":"ba44d8e2-eec5-458e-bbca-8ae70cdc2d05","wgCanonicalNamespace":"","wgCanonicalSpecialPageName":false,"wgNamespaceNumber":0,"wgPageName":"Reporting_security_bugs/cs","wgTitle":"Reporting security bugs/cs","wgCurRevisionId":6799950,"wgRevisionId":6799950,"wgArticleId":1576714,"wgIsArticle":true,"wgIsRedirect":false,"wgAction":"view","wgUserName":null,"wgUserGroups":["*"],"wgCategories":["Wikimedia Security Team/cs","Security/cs"],"wgPageViewLanguage":"cs","wgPageContentLanguage":"cs","wgPageContentModel":"wikitext","wgRelevantPageName":"Reporting_security_bugs/cs","wgRelevantArticleId":1576714,"wgIsProbablyEditable":true,"wgRelevantPageIsProbablyEditable":true,"wgRestrictionEdit":[],"wgRestrictionMove":[],"wgNoticeProject":"mediawiki","wgCiteReferencePreviewsActive":true,"wgMediaViewerOnClick":true, "wgMediaViewerEnabledByDefault":true,"wgVisualEditor":{"pageLanguageCode":"cs","pageLanguageDir":"ltr","pageVariantFallbacks":"cs"},"wgMFDisplayWikibaseDescriptions":{"search":true,"watchlist":true,"tagline":false,"nearby":true},"wgWMESchemaEditAttemptStepOversample":false,"wgWMEPageLength":8000,"wgTranslatePageTranslation":"translation","wgCentralAuthMobileDomain":false,"wgVisualEditorDisabledByHook":true,"wgDiscussionToolsFeaturesEnabled":{"replytool":true,"newtopictool":true,"sourcemodetoolbar":true,"topicsubscription":false,"autotopicsub":false,"visualenhancements":false,"visualenhancements_reply":false,"visualenhancements_pageframe":false},"wgDiscussionToolsFallbackEditMode":"visual","wgULSPosition":"personal","wgULSisCompactLinksEnabled":true,"wgVector2022LanguageInHeader":false,"wgULSisLanguageSelectorEmpty":false,"wgCheckUserClientHintsHeadersJsApi":["brands","architecture","bitness","fullVersionList","mobile","model","platform","platformVersion"]};RLSTATE={ "ext.globalCssJs.user.styles":"ready","site.styles":"ready","user.styles":"ready","ext.globalCssJs.user":"ready","user":"ready","user.options":"loading","ext.translate.tag.languages":"ready","ext.discussionTools.init.styles":"ready","oojs-ui-core.styles":"ready","oojs-ui.styles.indicators":"ready","mediawiki.widgets.styles":"ready","oojs-ui-core.icons":"ready","skins.vector.search.codex.styles":"ready","skins.vector.styles":"ready","skins.vector.icons":"ready","ext.translate":"ready","ext.wikimediamessages.styles":"ready","ext.uls.pt":"ready","wikibase.client.init":"ready","ext.wikimediaBadges":"ready"};RLPAGEMODULES=["site","mediawiki.page.ready","mediawiki.toc","skins.vector.js","ext.centralNotice.geoIP","ext.centralNotice.startUp","ext.translate.pagetranslation.uls","ext.urlShortener.toolbar","ext.centralauth.centralautologin","ext.echo.centralauth","ext.discussionTools.init","ext.eventLogging","ext.wikimediaEvents","ext.navigationTiming","ext.uls.compactlinks","ext.uls.interface", "ext.checkUser.clientHints"];</script> <script>(RLQ=window.RLQ||[]).push(function(){mw.loader.impl(function(){return["user.options@12s5i",function($,jQuery,require,module){mw.user.tokens.set({"patrolToken":"+\\","watchToken":"+\\","csrfToken":"+\\"}); }];});});</script> <link rel="stylesheet" href="/w/load.php?lang=en&modules=ext.discussionTools.init.styles%7Cext.translate%2CwikimediaBadges%7Cext.translate.tag.languages%7Cext.uls.pt%7Cext.wikimediamessages.styles%7Cmediawiki.widgets.styles%7Coojs-ui-core.icons%2Cstyles%7Coojs-ui.styles.indicators%7Cskins.vector.icons%2Cstyles%7Cskins.vector.search.codex.styles%7Cwikibase.client.init&only=styles&skin=vector-2022"> <script async="" src="/w/load.php?lang=en&modules=startup&only=scripts&raw=1&skin=vector-2022"></script> <meta name="ResourceLoaderDynamicStyles" content=""> <link rel="stylesheet" href="/w/load.php?lang=en&modules=site.styles&only=styles&skin=vector-2022"> <meta name="generator" content="MediaWiki 1.44.0-wmf.4"> <meta name="referrer" content="origin"> <meta name="referrer" content="origin-when-cross-origin"> <meta name="robots" content="max-image-preview:standard"> <meta name="format-detection" content="telephone=no"> <meta name="viewport" content="width=1120"> <meta property="og:site_name" content="MediaWiki"> <meta property="og:title" content="Hlášení bezpečnostních chyb - MediaWiki"> <meta property="og:type" content="website"> <link rel="alternate" media="only screen and (max-width: 640px)" href="//m.mediawiki.org/wiki/Reporting_security_bugs/cs"> <link rel="alternate" type="application/x-wiki" title="Edit" href="/w/index.php?title=Reporting_security_bugs/cs&action=edit"> <link rel="apple-touch-icon" href="/static/apple-touch/mediawiki.png"> <link rel="icon" href="/static/favicon/mediawiki.ico"> <link rel="search" type="application/opensearchdescription+xml" href="/w/rest.php/v1/search" title="MediaWiki (en)"> <link rel="EditURI" type="application/rsd+xml" href="//www.mediawiki.org/w/api.php?action=rsd"> <link rel="canonical" href="https://www.mediawiki.org/wiki/Reporting_security_bugs/cs"> <link rel="license" href="https://creativecommons.org/licenses/by-sa/4.0/"> <link rel="alternate" type="application/atom+xml" title="MediaWiki Atom feed" href="/w/index.php?title=Special:RecentChanges&feed=atom"> <link rel="dns-prefetch" href="//meta.wikimedia.org" /> <link rel="dns-prefetch" href="//login.wikimedia.org"> </head> <body class="ext-discussiontools-replytool-enabled ext-discussiontools-newtopictool-enabled ext-discussiontools-sourcemodetoolbar-enabled skin--responsive skin-vector skin-vector-search-vue mediawiki ltr sitedir-ltr mw-hide-empty-elt ns-0 ns-subject mw-editable page-Reporting_security_bugs_cs rootpage-Reporting_security_bugs skin-vector-2022 action-view"><a class="mw-jump-link" href="#bodyContent">Jump to content</a> <div class="vector-header-container"> <header class="vector-header mw-header"> <div class="vector-header-start"> <nav class="vector-main-menu-landmark" aria-label="Site"> <div id="vector-main-menu-dropdown" class="vector-dropdown vector-main-menu-dropdown vector-button-flush-left vector-button-flush-right" > <input type="checkbox" id="vector-main-menu-dropdown-checkbox" role="button" aria-haspopup="true" data-event-name="ui.dropdown-vector-main-menu-dropdown" class="vector-dropdown-checkbox " aria-label="Main menu" > <label id="vector-main-menu-dropdown-label" for="vector-main-menu-dropdown-checkbox" class="vector-dropdown-label cdx-button cdx-button--fake-button cdx-button--fake-button--enabled cdx-button--weight-quiet cdx-button--icon-only " aria-hidden="true" ><span class="vector-icon mw-ui-icon-menu mw-ui-icon-wikimedia-menu"></span> <span class="vector-dropdown-label-text">Main menu</span> </label> <div class="vector-dropdown-content"> <div id="vector-main-menu-unpinned-container" class="vector-unpinned-container"> <div id="vector-main-menu" class="vector-main-menu vector-pinnable-element"> <div class="vector-pinnable-header vector-main-menu-pinnable-header vector-pinnable-header-unpinned" data-feature-name="main-menu-pinned" data-pinnable-element-id="vector-main-menu" data-pinned-container-id="vector-main-menu-pinned-container" data-unpinned-container-id="vector-main-menu-unpinned-container" > <div class="vector-pinnable-header-label">Main menu</div> <button class="vector-pinnable-header-toggle-button vector-pinnable-header-pin-button" data-event-name="pinnable-header.vector-main-menu.pin">move to sidebar</button> <button class="vector-pinnable-header-toggle-button vector-pinnable-header-unpin-button" data-event-name="pinnable-header.vector-main-menu.unpin">hide</button> </div> <div id="p-navigation" class="vector-menu mw-portlet mw-portlet-navigation" > <div class="vector-menu-heading"> Navigation </div> <div class="vector-menu-content"> <ul class="vector-menu-content-list"> <li id="n-mainpage-description" class="mw-list-item"><a href="/wiki/MediaWiki" title="Visit the main page [z]" accesskey="z"><span>Main page</span></a></li><li id="n-mw-download" class="mw-list-item"><a href="/wiki/Download"><span>Get MediaWiki</span></a></li><li id="n-mw-extensions" class="mw-list-item"><a href="/wiki/Special:MyLanguage/Category:Extensions"><span>Get extensions</span></a></li><li id="n-blog-text" class="mw-list-item"><a href="https://techblog.wikimedia.org/"><span>Tech blog</span></a></li><li id="n-mw-contribute" class="mw-list-item"><a href="/wiki/Special:MyLanguage/How_to_contribute"><span>Contribute</span></a></li> </ul> </div> </div> <div id="p-support" class="vector-menu mw-portlet mw-portlet-support" > <div class="vector-menu-heading"> Support </div> <div class="vector-menu-content"> <ul class="vector-menu-content-list"> <li id="n-help" class="mw-list-item"><a href="/wiki/Special:MyLanguage/Help:Contents" title="The place to find out"><span>User help</span></a></li><li id="n-mw-faq" class="mw-list-item"><a href="/wiki/Special:MyLanguage/Manual:FAQ"><span>FAQ</span></a></li><li id="n-mw-manual" class="mw-list-item"><a href="/wiki/Special:MyLanguage/Manual:Contents"><span>Technical manual</span></a></li><li id="n-mw-supportdesk" class="mw-list-item"><a href="/wiki/Project:Support_desk"><span>Support desk</span></a></li><li id="n-mw-communication" class="mw-list-item"><a href="/wiki/Special:MyLanguage/Communication"><span>Communication</span></a></li> </ul> </div> </div> <div id="p-development" class="vector-menu mw-portlet mw-portlet-development" > <div class="vector-menu-heading"> Development </div> <div class="vector-menu-content"> <ul class="vector-menu-content-list"> <li id="n-mw-developerportal" class="mw-list-item"><a href="https://developer.wikimedia.org/"><span>Developer portal</span></a></li><li id="n-svn-statistics" class="mw-list-item"><a href="/wiki/Development_statistics"><span>Code statistics</span></a></li> </ul> </div> </div> <div id="p-mediawiki.org" class="vector-menu mw-portlet mw-portlet-mediawiki_org" > <div class="vector-menu-heading"> mediawiki.org </div> <div class="vector-menu-content"> <ul class="vector-menu-content-list"> <li id="n-portal" class="mw-list-item"><a href="/wiki/Project:Help" title="About the project, what you can do, where to find things"><span>Community portal</span></a></li><li id="n-recentchanges" class="mw-list-item"><a href="/wiki/Special:RecentChanges" title="A list of recent changes in the wiki [r]" accesskey="r"><span>Recent changes</span></a></li><li id="n-mw-translate" class="mw-list-item"><a href="/wiki/Special:LanguageStats"><span>Translate content</span></a></li><li id="n-randompage" class="mw-list-item"><a href="/wiki/Special:Random" title="Load a random page [x]" accesskey="x"><span>Random page</span></a></li><li id="n-mw-discussion" class="mw-list-item"><a href="/wiki/Project:Village_Pump"><span>Village pump</span></a></li><li id="n-Sandboxlink-portlet-label" class="mw-list-item"><a href="/wiki/Project:Sandbox"><span>Sandbox</span></a></li> </ul> </div> </div> <div id="p-lang" class="vector-menu mw-portlet mw-portlet-lang" > <div class="vector-menu-heading"> In other languages </div> <div class="vector-menu-content"> <ul class="vector-menu-content-list"> </ul> <div class="after-portlet after-portlet-lang"><span class="wb-langlinks-add wb-langlinks-link"><a href="https://www.wikidata.org/wiki/Special:NewItem?site=mediawikiwiki&page=Reporting+security+bugs%2Fcs" title="Add interlanguage links" class="wbc-editpage">Add links</a></span></div> </div> </div> </div> </div> </div> </div> </nav> <a href="/wiki/MediaWiki" class="mw-logo"> <img class="mw-logo-icon" src="/static/images/icons/mediawikiwiki.svg" alt="" aria-hidden="true" height="50" width="50"> <span class="mw-logo-container skin-invert"> <img class="mw-logo-wordmark" alt="MediaWiki" src="/static/images/mobile/copyright/mediawikiwiki-wordmark.svg" style="width: 7.5em; height: 1.125em;"> </span> </a> </div> <div class="vector-header-end"> <div id="p-search" role="search" class="vector-search-box-vue vector-search-box-collapses vector-search-box-show-thumbnail vector-search-box-auto-expand-width vector-search-box"> <a href="/wiki/Special:Search" class="cdx-button cdx-button--fake-button cdx-button--fake-button--enabled cdx-button--weight-quiet cdx-button--icon-only search-toggle" title="Search MediaWiki [f]" accesskey="f"><span class="vector-icon mw-ui-icon-search mw-ui-icon-wikimedia-search"></span> <span>Search</span> </a> <div class="vector-typeahead-search-container"> <div class="cdx-typeahead-search cdx-typeahead-search--show-thumbnail cdx-typeahead-search--auto-expand-width"> <form action="/w/index.php" id="searchform" class="cdx-search-input cdx-search-input--has-end-button"> <div id="simpleSearch" class="cdx-search-input__input-wrapper" data-search-loc="header-moved"> <div class="cdx-text-input cdx-text-input--has-start-icon"> <input class="cdx-text-input__input" type="search" name="search" placeholder="Search MediaWiki" aria-label="Search MediaWiki" autocapitalize="sentences" title="Search MediaWiki [f]" accesskey="f" id="searchInput" > <span class="cdx-text-input__icon cdx-text-input__start-icon"></span> </div> <input type="hidden" name="title" value="Special:Search"> </div> <button class="cdx-button cdx-search-input__end-button">Search</button> </form> </div> </div> </div> <nav class="vector-user-links vector-user-links-wide" aria-label="Personal tools"> <div class="vector-user-links-main"> <div id="p-vector-user-menu-preferences" class="vector-menu mw-portlet" > <div class="vector-menu-content"> <ul class="vector-menu-content-list"> <li id="ca-uls" class="mw-list-item active user-links-collapsible-item"><a data-mw="interface" href="#" class="uls-trigger cdx-button cdx-button--fake-button cdx-button--fake-button--enabled cdx-button--weight-quiet"><span class="vector-icon mw-ui-icon-wikimedia-language mw-ui-icon-wikimedia-wikimedia-language"></span> <span>English</span></a> </li> </ul> </div> </div> <div id="p-vector-user-menu-userpage" class="vector-menu mw-portlet emptyPortlet" > <div class="vector-menu-content"> <ul class="vector-menu-content-list"> </ul> </div> </div> <nav class="vector-appearance-landmark" aria-label="Appearance"> <div id="vector-appearance-dropdown" class="vector-dropdown " title="Change the appearance of the page's font size, width, and color" > <input type="checkbox" id="vector-appearance-dropdown-checkbox" role="button" aria-haspopup="true" data-event-name="ui.dropdown-vector-appearance-dropdown" class="vector-dropdown-checkbox " aria-label="Appearance" > <label id="vector-appearance-dropdown-label" for="vector-appearance-dropdown-checkbox" class="vector-dropdown-label cdx-button cdx-button--fake-button cdx-button--fake-button--enabled cdx-button--weight-quiet cdx-button--icon-only " aria-hidden="true" ><span class="vector-icon mw-ui-icon-appearance mw-ui-icon-wikimedia-appearance"></span> <span class="vector-dropdown-label-text">Appearance</span> </label> <div class="vector-dropdown-content"> <div id="vector-appearance-unpinned-container" class="vector-unpinned-container"> </div> </div> </div> </nav> <div id="p-vector-user-menu-notifications" class="vector-menu mw-portlet emptyPortlet" > <div class="vector-menu-content"> <ul class="vector-menu-content-list"> </ul> </div> </div> <div id="p-vector-user-menu-overflow" class="vector-menu mw-portlet" > <div class="vector-menu-content"> <ul class="vector-menu-content-list"> <li id="pt-sitesupport-2" class="user-links-collapsible-item mw-list-item user-links-collapsible-item"><a data-mw="interface" href="https://donate.wikimedia.org/?utm_source=donate&utm_medium=sidebar&utm_campaign=spontaneous&uselang=en" class=""><span>Donate</span></a> </li> <li id="pt-createaccount-2" class="user-links-collapsible-item mw-list-item user-links-collapsible-item"><a data-mw="interface" href="/w/index.php?title=Special:CreateAccount&returnto=Reporting+security+bugs%2Fcs" title="You are encouraged to create an account and log in; however, it is not mandatory" class=""><span>Create account</span></a> </li> <li id="pt-login-2" class="user-links-collapsible-item mw-list-item user-links-collapsible-item"><a data-mw="interface" href="/w/index.php?title=Special:UserLogin&returnto=Reporting+security+bugs%2Fcs" title="You are encouraged to log in; however, it is not mandatory [o]" accesskey="o" class=""><span>Log in</span></a> </li> </ul> </div> </div> </div> <div id="vector-user-links-dropdown" class="vector-dropdown vector-user-menu vector-button-flush-right vector-user-menu-logged-out" title="More options" > <input type="checkbox" id="vector-user-links-dropdown-checkbox" role="button" aria-haspopup="true" data-event-name="ui.dropdown-vector-user-links-dropdown" class="vector-dropdown-checkbox " aria-label="Personal tools" > <label id="vector-user-links-dropdown-label" for="vector-user-links-dropdown-checkbox" class="vector-dropdown-label cdx-button cdx-button--fake-button cdx-button--fake-button--enabled cdx-button--weight-quiet cdx-button--icon-only " aria-hidden="true" ><span class="vector-icon mw-ui-icon-ellipsis mw-ui-icon-wikimedia-ellipsis"></span> <span class="vector-dropdown-label-text">Personal tools</span> </label> <div class="vector-dropdown-content"> <div id="p-personal" class="vector-menu mw-portlet mw-portlet-personal user-links-collapsible-item" title="User menu" > <div class="vector-menu-content"> <ul class="vector-menu-content-list"> <li id="pt-sitesupport" class="user-links-collapsible-item mw-list-item"><a href="https://donate.wikimedia.org/?utm_source=donate&utm_medium=sidebar&utm_campaign=spontaneous&uselang=en"><span>Donate</span></a></li><li id="pt-createaccount" class="user-links-collapsible-item mw-list-item"><a href="/w/index.php?title=Special:CreateAccount&returnto=Reporting+security+bugs%2Fcs" title="You are encouraged to create an account and log in; however, it is not mandatory"><span class="vector-icon mw-ui-icon-userAdd mw-ui-icon-wikimedia-userAdd"></span> <span>Create account</span></a></li><li id="pt-login" class="user-links-collapsible-item mw-list-item"><a href="/w/index.php?title=Special:UserLogin&returnto=Reporting+security+bugs%2Fcs" title="You are encouraged to log in; however, it is not mandatory [o]" accesskey="o"><span class="vector-icon mw-ui-icon-logIn mw-ui-icon-wikimedia-logIn"></span> <span>Log in</span></a></li> </ul> </div> </div> <div id="p-user-menu-anon-editor" class="vector-menu mw-portlet mw-portlet-user-menu-anon-editor" > <div class="vector-menu-heading"> Pages for logged out editors <a href="/wiki/Help:Introduction" aria-label="Learn more about editing"><span>learn more</span></a> </div> <div class="vector-menu-content"> <ul class="vector-menu-content-list"> <li id="pt-anoncontribs" class="mw-list-item"><a href="/wiki/Special:MyContributions" title="A list of edits made from this IP address [y]" accesskey="y"><span>Contributions</span></a></li><li id="pt-anontalk" class="mw-list-item"><a href="/wiki/Special:MyTalk" title="Discussion about edits from this IP address [n]" accesskey="n"><span>Talk</span></a></li> </ul> </div> </div> </div> </div> </nav> </div> </header> </div> <div class="mw-page-container"> <div class="mw-page-container-inner"> <div class="vector-sitenotice-container"> <div id="siteNotice"></div> </div> <div class="vector-column-start"> <div class="vector-main-menu-container"> <div id="mw-navigation"> <nav id="mw-panel" class="vector-main-menu-landmark" aria-label="Site"> <div id="vector-main-menu-pinned-container" class="vector-pinned-container"> </div> </nav> </div> </div> <div class="vector-sticky-pinned-container"> <nav id="mw-panel-toc" aria-label="Contents" data-event-name="ui.sidebar-toc" class="mw-table-of-contents-container vector-toc-landmark"> <div id="vector-toc-pinned-container" class="vector-pinned-container"> <div id="vector-toc" class="vector-toc vector-pinnable-element"> <div class="vector-pinnable-header vector-toc-pinnable-header vector-pinnable-header-pinned" data-feature-name="toc-pinned" data-pinnable-element-id="vector-toc" > <h2 class="vector-pinnable-header-label">Contents</h2> <button class="vector-pinnable-header-toggle-button vector-pinnable-header-pin-button" data-event-name="pinnable-header.vector-toc.pin">move to sidebar</button> <button class="vector-pinnable-header-toggle-button vector-pinnable-header-unpin-button" data-event-name="pinnable-header.vector-toc.unpin">hide</button> </div> <ul class="vector-toc-contents" id="mw-panel-toc-list"> <li id="toc-mw-content-text" class="vector-toc-list-item vector-toc-level-1"> <a href="#" class="vector-toc-link"> <div class="vector-toc-text">Beginning</div> </a> </li> <li id="toc-Co_je_považováno_za_bezpečnostní_problém" class="vector-toc-list-item vector-toc-level-1 vector-toc-list-item-expanded"> <a class="vector-toc-link" href="#Co_je_považováno_za_bezpečnostní_problém"> <div class="vector-toc-text"> <span class="vector-toc-numb">1</span> <span>Co je považováno za bezpečnostní problém</span> </div> </a> <ul id="toc-Co_je_považováno_za_bezpečnostní_problém-sublist" class="vector-toc-list"> </ul> </li> <li id="toc-Hlášení_bezpečnostního_problému" class="vector-toc-list-item vector-toc-level-1 vector-toc-list-item-expanded"> <a class="vector-toc-link" href="#Hlášení_bezpečnostního_problému"> <div class="vector-toc-text"> <span class="vector-toc-numb">2</span> <span>Hlášení bezpečnostního problému</span> </div> </a> <ul id="toc-Hlášení_bezpečnostního_problému-sublist" class="vector-toc-list"> </ul> </li> <li id="toc-Co_zahrnout_do_zprávy_o_bezpečnostním_problému" class="vector-toc-list-item vector-toc-level-1 vector-toc-list-item-expanded"> <a class="vector-toc-link" href="#Co_zahrnout_do_zprávy_o_bezpečnostním_problému"> <div class="vector-toc-text"> <span class="vector-toc-numb">3</span> <span>Co zahrnout do zprávy o bezpečnostním problému</span> </div> </a> <ul id="toc-Co_zahrnout_do_zprávy_o_bezpečnostním_problému-sublist" class="vector-toc-list"> </ul> </li> <li id="toc-Co_se_stane,_když_jsou_hlášeny_problémy_se_zabezpečením" class="vector-toc-list-item vector-toc-level-1 vector-toc-list-item-expanded"> <a class="vector-toc-link" href="#Co_se_stane,_když_jsou_hlášeny_problémy_se_zabezpečením"> <div class="vector-toc-text"> <span class="vector-toc-numb">4</span> <span>Co se stane, když jsou hlášeny problémy se zabezpečením</span> </div> </a> <ul id="toc-Co_se_stane,_když_jsou_hlášeny_problémy_se_zabezpečením-sublist" class="vector-toc-list"> </ul> </li> <li id="toc-Poděkování_reportérům" class="vector-toc-list-item vector-toc-level-1 vector-toc-list-item-expanded"> <a class="vector-toc-link" href="#Poděkování_reportérům"> <div class="vector-toc-text"> <span class="vector-toc-numb">5</span> <span>Poděkování reportérům</span> </div> </a> <ul id="toc-Poděkování_reportérům-sublist" class="vector-toc-list"> </ul> </li> <li id="toc-Oprava_zprávy_o_sledování" class="vector-toc-list-item vector-toc-level-1 vector-toc-list-item-expanded"> <a class="vector-toc-link" href="#Oprava_zprávy_o_sledování"> <div class="vector-toc-text"> <span class="vector-toc-numb">6</span> <span>Oprava zprávy o sledování</span> </div> </a> <ul id="toc-Oprava_zprávy_o_sledování-sublist" class="vector-toc-list"> </ul> </li> <li id="toc-Přispívané_záplaty" class="vector-toc-list-item vector-toc-level-1 vector-toc-list-item-expanded"> <a class="vector-toc-link" href="#Přispívané_záplaty"> <div class="vector-toc-text"> <span class="vector-toc-numb">7</span> <span>Přispívané záplaty</span> </div> </a> <ul id="toc-Přispívané_záplaty-sublist" class="vector-toc-list"> </ul> </li> <li id="toc-Související_obsah_zabezpečení" class="vector-toc-list-item vector-toc-level-1 vector-toc-list-item-expanded"> <a class="vector-toc-link" href="#Související_obsah_zabezpečení"> <div class="vector-toc-text"> <span class="vector-toc-numb">8</span> <span>Související obsah zabezpečení</span> </div> </a> <ul id="toc-Související_obsah_zabezpečení-sublist" class="vector-toc-list"> </ul> </li> </ul> </div> </div> </nav> </div> </div> <div class="mw-content-container"> <main id="content" class="mw-body"> <header class="mw-body-header vector-page-titlebar"> <nav aria-label="Contents" class="vector-toc-landmark"> <div id="vector-page-titlebar-toc" class="vector-dropdown vector-page-titlebar-toc vector-button-flush-left" > <input type="checkbox" id="vector-page-titlebar-toc-checkbox" role="button" aria-haspopup="true" data-event-name="ui.dropdown-vector-page-titlebar-toc" class="vector-dropdown-checkbox " aria-label="Toggle the table of contents" > <label id="vector-page-titlebar-toc-label" for="vector-page-titlebar-toc-checkbox" class="vector-dropdown-label cdx-button cdx-button--fake-button cdx-button--fake-button--enabled cdx-button--weight-quiet cdx-button--icon-only " aria-hidden="true" ><span class="vector-icon mw-ui-icon-listBullet mw-ui-icon-wikimedia-listBullet"></span> <span class="vector-dropdown-label-text">Toggle the table of contents</span> </label> <div class="vector-dropdown-content"> <div id="vector-page-titlebar-toc-unpinned-container" class="vector-unpinned-container"> </div> </div> </div> </nav> <h1 id="firstHeading" class="firstHeading mw-first-heading">Hlášení bezpečnostních chyb</h1> <div class="mw-indicators"> </div> </header> <div class="vector-page-toolbar"> <div class="vector-page-toolbar-container"> <div id="left-navigation"> <nav aria-label="Namespaces"> <div id="p-associated-pages" class="vector-menu vector-menu-tabs mw-portlet mw-portlet-associated-pages" > <div class="vector-menu-content"> <ul class="vector-menu-content-list"> <li id="ca-nstab-main" class="selected vector-tab-noicon mw-list-item"><a href="/wiki/Reporting_security_bugs/cs" title="View the content page [c]" accesskey="c"><span>Page</span></a></li><li id="ca-talk" class="new vector-tab-noicon mw-list-item"><a href="/w/index.php?title=Talk:Reporting_security_bugs/cs&action=edit&redlink=1" rel="discussion" class="new" title="Discussion about the content page (page does not exist) [t]" accesskey="t"><span>Discussion</span></a></li> </ul> </div> </div> <div id="vector-variants-dropdown" class="vector-dropdown emptyPortlet" > <input type="checkbox" id="vector-variants-dropdown-checkbox" role="button" aria-haspopup="true" data-event-name="ui.dropdown-vector-variants-dropdown" class="vector-dropdown-checkbox " aria-label="Change language variant" > <label id="vector-variants-dropdown-label" for="vector-variants-dropdown-checkbox" class="vector-dropdown-label cdx-button cdx-button--fake-button cdx-button--fake-button--enabled cdx-button--weight-quiet" aria-hidden="true" ><span class="vector-dropdown-label-text">čeština</span> </label> <div class="vector-dropdown-content"> <div id="p-variants" class="vector-menu mw-portlet mw-portlet-variants emptyPortlet" > <div class="vector-menu-content"> <ul class="vector-menu-content-list"> </ul> </div> </div> </div> </div> </nav> </div> <div id="right-navigation" class="vector-collapsible"> <nav aria-label="Views"> <div id="p-views" class="vector-menu vector-menu-tabs mw-portlet mw-portlet-views" > <div class="vector-menu-content"> <ul class="vector-menu-content-list"> <li id="ca-view" class="selected vector-tab-noicon mw-list-item"><a href="/wiki/Reporting_security_bugs/cs"><span>Read</span></a></li><li id="ca-edit" class="vector-tab-noicon mw-list-item"><a href="/w/index.php?title=Special:Translate&group=page-Reporting+security+bugs&action=page&filter=&language=cs" title="Edit this page [e]" accesskey="e"><span>Translate</span></a></li><li id="ca-history" class="vector-tab-noicon mw-list-item"><a href="/w/index.php?title=Reporting_security_bugs/cs&action=history" title="Past revisions of this page [h]" accesskey="h"><span>View history</span></a></li> </ul> </div> </div> </nav> <nav class="vector-page-tools-landmark" aria-label="Page tools"> <div id="vector-page-tools-dropdown" class="vector-dropdown vector-page-tools-dropdown" > <input type="checkbox" id="vector-page-tools-dropdown-checkbox" role="button" aria-haspopup="true" data-event-name="ui.dropdown-vector-page-tools-dropdown" class="vector-dropdown-checkbox " aria-label="Tools" > <label id="vector-page-tools-dropdown-label" for="vector-page-tools-dropdown-checkbox" class="vector-dropdown-label cdx-button cdx-button--fake-button cdx-button--fake-button--enabled cdx-button--weight-quiet" aria-hidden="true" ><span class="vector-dropdown-label-text">Tools</span> </label> <div class="vector-dropdown-content"> <div id="vector-page-tools-unpinned-container" class="vector-unpinned-container"> <div id="vector-page-tools" class="vector-page-tools vector-pinnable-element"> <div class="vector-pinnable-header vector-page-tools-pinnable-header vector-pinnable-header-unpinned" data-feature-name="page-tools-pinned" data-pinnable-element-id="vector-page-tools" data-pinned-container-id="vector-page-tools-pinned-container" data-unpinned-container-id="vector-page-tools-unpinned-container" > <div class="vector-pinnable-header-label">Tools</div> <button class="vector-pinnable-header-toggle-button vector-pinnable-header-pin-button" data-event-name="pinnable-header.vector-page-tools.pin">move to sidebar</button> <button class="vector-pinnable-header-toggle-button vector-pinnable-header-unpin-button" data-event-name="pinnable-header.vector-page-tools.unpin">hide</button> </div> <div id="p-cactions" class="vector-menu mw-portlet mw-portlet-cactions emptyPortlet vector-has-collapsible-items" title="More options" > <div class="vector-menu-heading"> Actions </div> <div class="vector-menu-content"> <ul class="vector-menu-content-list"> <li id="ca-more-view" class="selected vector-more-collapsible-item mw-list-item"><a href="/wiki/Reporting_security_bugs/cs"><span>Read</span></a></li><li id="ca-more-edit" class="vector-more-collapsible-item mw-list-item"><a href="/w/index.php?title=Special:Translate&group=page-Reporting+security+bugs&action=page&filter=&language=cs" title="Edit this page [e]" accesskey="e"><span>Translate</span></a></li><li id="ca-more-history" class="vector-more-collapsible-item mw-list-item"><a href="/w/index.php?title=Reporting_security_bugs/cs&action=history"><span>View history</span></a></li> </ul> </div> </div> <div id="p-tb" class="vector-menu mw-portlet mw-portlet-tb" > <div class="vector-menu-heading"> General </div> <div class="vector-menu-content"> <ul class="vector-menu-content-list"> <li id="t-whatlinkshere" class="mw-list-item"><a href="/wiki/Special:WhatLinksHere/Reporting_security_bugs/cs" title="A list of all wiki pages that link here [j]" accesskey="j"><span>What links here</span></a></li><li id="t-recentchangeslinked" class="mw-list-item"><a href="/wiki/Special:RecentChangesLinked/Reporting_security_bugs/cs" rel="nofollow" title="Recent changes in pages linked from this page [k]" accesskey="k"><span>Related changes</span></a></li><li id="t-upload" class="mw-list-item"><a href="//commons.wikimedia.org/wiki/Special:UploadWizard" title="Upload files [u]" accesskey="u"><span>Upload file</span></a></li><li id="t-specialpages" class="mw-list-item"><a href="/wiki/Special:SpecialPages" title="A list of all special pages [q]" accesskey="q"><span>Special pages</span></a></li><li id="t-permalink" class="mw-list-item"><a href="/w/index.php?title=Reporting_security_bugs/cs&oldid=6799950" title="Permanent link to this revision of this page"><span>Permanent link</span></a></li><li id="t-info" class="mw-list-item"><a href="/w/index.php?title=Reporting_security_bugs/cs&action=info" title="More information about this page"><span>Page information</span></a></li><li id="t-cite" class="mw-list-item"><a href="/w/index.php?title=Special:CiteThisPage&page=Reporting_security_bugs%2Fcs&id=6799950&wpFormIdentifier=titleform" title="Information on how to cite this page"><span>Cite this page</span></a></li><li id="t-urlshortener" class="mw-list-item"><a href="/w/index.php?title=Special:UrlShortener&url=https%3A%2F%2Fwww.mediawiki.org%2Fwiki%2FReporting_security_bugs%2Fcs"><span>Get shortened URL</span></a></li><li id="t-urlshortener-qrcode" class="mw-list-item"><a href="/w/index.php?title=Special:QrCode&url=https%3A%2F%2Fwww.mediawiki.org%2Fwiki%2FReporting_security_bugs%2Fcs"><span>Download QR code</span></a></li> </ul> </div> </div> <div id="p-coll-print_export" class="vector-menu mw-portlet mw-portlet-coll-print_export" > <div class="vector-menu-heading"> Print/export </div> <div class="vector-menu-content"> <ul class="vector-menu-content-list"> <li id="coll-create_a_book" class="mw-list-item"><a href="/w/index.php?title=Special:Book&bookcmd=book_creator&referer=Reporting+security+bugs%2Fcs"><span>Create a book</span></a></li><li id="coll-download-as-rl" class="mw-list-item"><a href="/w/index.php?title=Special:DownloadAsPdf&page=Reporting_security_bugs%2Fcs&action=show-download-screen"><span>Download as PDF</span></a></li><li id="t-print" class="mw-list-item"><a href="/w/index.php?title=Reporting_security_bugs/cs&printable=yes" title="Printable version of this page [p]" accesskey="p"><span>Printable version</span></a></li> </ul> </div> </div> <div id="p-wikibase-otherprojects" class="vector-menu mw-portlet mw-portlet-wikibase-otherprojects emptyPortlet" > <div class="vector-menu-heading"> In other projects </div> <div class="vector-menu-content"> <ul class="vector-menu-content-list"> </ul> </div> </div> </div> </div> </div> </div> </nav> </div> </div> </div> <div class="vector-column-end"> <div class="vector-sticky-pinned-container"> <nav class="vector-page-tools-landmark" aria-label="Page tools"> <div id="vector-page-tools-pinned-container" class="vector-pinned-container"> </div> </nav> <nav class="vector-appearance-landmark" aria-label="Appearance"> <div id="vector-appearance-pinned-container" class="vector-pinned-container"> <div id="vector-appearance" class="vector-appearance vector-pinnable-element"> <div class="vector-pinnable-header vector-appearance-pinnable-header vector-pinnable-header-pinned" data-feature-name="appearance-pinned" data-pinnable-element-id="vector-appearance" data-pinned-container-id="vector-appearance-pinned-container" data-unpinned-container-id="vector-appearance-unpinned-container" > <div class="vector-pinnable-header-label">Appearance</div> <button class="vector-pinnable-header-toggle-button vector-pinnable-header-pin-button" data-event-name="pinnable-header.vector-appearance.pin">move to sidebar</button> <button class="vector-pinnable-header-toggle-button vector-pinnable-header-unpin-button" data-event-name="pinnable-header.vector-appearance.unpin">hide</button> </div> </div> </div> </nav> </div> </div> <div id="bodyContent" class="vector-body" aria-labelledby="firstHeading" data-mw-ve-target-container> <div class="vector-body-before-content"> <div id="siteSub" class="noprint">From mediawiki.org</div> </div> <div id="contentSub"><div id="mw-content-subtitle"></div></div> <div id="mw-content-text" class="mw-body-content"><div class="mw-pt-translate-header noprint" dir="ltr" lang="en">This page is a <span class="plainlinks"><a class="external text" href="https://www.mediawiki.org/w/index.php?title=Special:Translate&group=page-Reporting+security+bugs&action=page&filter=&language=cs">translated version</a></span> of the page <a href="/wiki/Reporting_security_bugs" title="Reporting security bugs">Reporting security bugs</a> and the translation is 100% complete.</div><div class="mw-content-ltr mw-parser-output" lang="cs" dir="ltr"><div class="mw-pt-languages noprint navigation-not-searchable" lang="en" dir="ltr"><div class="mw-pt-languages-label">Languages:</div><ul class="mw-pt-languages-list"><li><a href="/wiki/Reporting_security_bugs/id" class="mw-pt-progress mw-pt-progress--med" title="Melaporkan kutu keamanan (22% translated)" lang="id" dir="ltr">Bahasa Indonesia</a></li> <li><a href="/wiki/Reporting_security_bugs/en-gb" class="mw-pt-progress mw-pt-progress--low" title="Reporting security bugs/en-gb (3% translated)" lang="en-GB" dir="ltr">British English</a></li> <li><a href="/wiki/Reporting_security_bugs/de" class="mw-pt-progress mw-pt-progress--complete" title="Sicherheitsfehler melden (100% translated)" lang="de" dir="ltr">Deutsch</a></li> <li><a href="/wiki/Reporting_security_bugs" class="mw-pt-languages-ui mw-pt-progress mw-pt-progress--complete" title="Reporting security bugs (100% translated)" lang="en" dir="ltr">English</a></li> <li><a href="/wiki/Reporting_security_bugs/lb" class="mw-pt-progress mw-pt-progress--low" title="Reporting security bugs/lb (2% translated)" lang="lb" dir="ltr">Lëtzebuergesch</a></li> <li><a href="/wiki/Reporting_security_bugs/nl" class="mw-pt-progress mw-pt-progress--complete" title="Beveiligingsproblemen melden (100% translated)" lang="nl" dir="ltr">Nederlands</a></li> <li><a href="/wiki/Reporting_security_bugs/tr" class="mw-pt-progress mw-pt-progress--low" title="Reporting security bugs/tr (8% translated)" lang="tr" dir="ltr">Türkçe</a></li> <li><a href="/wiki/Reporting_security_bugs/diq" class="mw-pt-progress mw-pt-progress--low" title="Reporting security bugs/diq (2% translated)" lang="diq" dir="ltr">Zazaki</a></li> <li><a href="/wiki/Reporting_security_bugs/br" class="mw-pt-progress mw-pt-progress--low" title="Reporting security bugs/br (2% translated)" lang="br" dir="ltr">brezhoneg</a></li> <li><a href="/wiki/Reporting_security_bugs/es" class="mw-pt-progress mw-pt-progress--high" title="Informar errores de seguridad (98% translated)" lang="es" dir="ltr">español</a></li> <li><a href="/wiki/Reporting_security_bugs/fr" class="mw-pt-progress mw-pt-progress--complete" title="Rapporter des bogues de sécurité (100% translated)" lang="fr" dir="ltr">français</a></li> <li><a href="/wiki/Reporting_security_bugs/it" class="mw-pt-progress mw-pt-progress--complete" title="Segnalazione problemi di sicurezza (100% translated)" lang="it" dir="ltr">italiano</a></li> <li><a href="/wiki/Reporting_security_bugs/hu" class="mw-pt-progress mw-pt-progress--med" title="Biztonsági hibák bejelentése (42% translated)" lang="hu" dir="ltr">magyar</a></li> <li><a href="/wiki/Reporting_security_bugs/pt" class="mw-pt-progress mw-pt-progress--low" title="Relatando bugs de segurança (2% translated)" lang="pt" dir="ltr">português</a></li> <li><a href="/wiki/Reporting_security_bugs/pt-br" class="mw-pt-progress mw-pt-progress--high" title="Relatando bugs de segurança (98% translated)" lang="pt-BR" dir="ltr">português do Brasil</a></li> <li><span class="mw-pt-languages-selected mw-pt-progress mw-pt-progress--complete" lang="cs" dir="ltr">čeština</span></li> <li><a href="/wiki/Reporting_security_bugs/ru" class="mw-pt-progress mw-pt-progress--med" title="Сообщение об ошибках в системе безопасности (17% translated)" lang="ru" dir="ltr">русский</a></li> <li><a href="/wiki/Reporting_security_bugs/ur" class="mw-pt-progress mw-pt-progress--low" title="امان کے बग्स رپورٹ کرنا (8% translated)" lang="ur" dir="rtl">اردو</a></li> <li><a href="/wiki/Reporting_security_bugs/ar" class="mw-pt-progress mw-pt-progress--complete" title="الإبلاغ عن المشاكل الأمنية (100% translated)" lang="ar" dir="rtl">العربية</a></li> <li><a href="/wiki/Reporting_security_bugs/hi" class="mw-pt-progress mw-pt-progress--high" title="सुरक्षा के बग्स रिपोर्ट करना (97% translated)" lang="hi" dir="ltr">हिन्दी</a></li> <li><a href="/wiki/Reporting_security_bugs/bn" class="mw-pt-progress mw-pt-progress--low" title="নিরাপত্তা বাগ প্রতিবেদন (5% translated)" lang="bn" dir="ltr">বাংলা</a></li> <li><a href="/wiki/Reporting_security_bugs/th" class="mw-pt-progress mw-pt-progress--low" title="การแจ้งความผิดพลาดความปลอดภัย (2% translated)" lang="th" dir="ltr">ไทย</a></li> <li><a href="/wiki/Reporting_security_bugs/zh" class="mw-pt-progress mw-pt-progress--complete" title="报告安全问题 (100% translated)" lang="zh" dir="ltr">中文</a></li> <li><a href="/wiki/Reporting_security_bugs/ja" class="mw-pt-progress mw-pt-progress--low" title="セキュリティバグの報告 (3% translated)" lang="ja" dir="ltr">日本語</a></li> <li><a href="/wiki/Reporting_security_bugs/ko" class="mw-pt-progress mw-pt-progress--low" title="Reporting security bugs/ko (2% translated)" lang="ko" dir="ltr">한국어</a></li></ul></div> <p>Toto je proces hlášení bezpečnostních problémů v softwaru a službách spravovaných nebo provozovaných Wikimedia Foundation. To zahrnuje MediaWiki a <a class="external text" href="https://www.wikimedia.org/">projekty Wikimedia</a>, jako je Wikipedie. </p><p>Podporujeme <a href="https://en.wikipedia.org/wiki/responsible_disclosure" class="extiw" title="en:responsible disclosure">odpovědné zveřejnění</a> a doufáme, že každý, kdo nalezne potenciální bezpečnostní problém v našem ekosystému, jedná uvážlivě a shovívavě. </p><p><span id="What_is_considered_a_security_issue"></span> </p> <meta property="mw:PageProp/toc"/> <div class="mw-heading mw-heading2 ext-discussiontools-init-section"><h2 id="Co_je_považováno_za_bezpečnostní_problém" data-mw-thread-id="h-Co_je_považováno_za_bezpečnostní_problém"><span id="Co_je_pova.C5.BEov.C3.A1no_za_bezpe.C4.8Dnostn.C3.AD_probl.C3.A9m"></span><span data-mw-comment-start="" id="h-Co_je_považováno_za_bezpečnostní_problém"></span>Co je považováno za bezpečnostní problém<span data-mw-comment-end="h-Co_je_považováno_za_bezpečnostní_problém"></span></h2></div> <p>Toto je obecný nástin, nikoli vyčerpávající výčet rozsahu tohoto procesu. </p> <ul><li>Problémy, které ovlivňují dostupnost jedné nebo více služeb, které jsou součástí ekosystému Wikimedia, ale zejména pokud jsou výsledkem nepřátelského souboru akcí nebo kampaně.</li> <li>Pokud integrita dat hostovaných nadací Wikimedia Foundation nebo přidruženými subjekty je ohrožena poškozením, neoprávněným zásahem nebo jinou úpravou neoprávněným způsobem.</li> <li>Pokud je ohrožena důvěrnost dat vlastněných nadací Wikimedia Foundation nebo jejími přidruženými subjekty, takže informace, které mají být omezeny nebo soukromé, jsou prozrazeny, odhaleny, odcizeny nebo exfiltrovány neoprávněným způsobem.</li></ul> <p><span id="Reporting_a_security_issue"></span> </p> <div class="mw-heading mw-heading2 ext-discussiontools-init-section"><h2 id="Hlášení_bezpečnostního_problému" data-mw-thread-id="h-Hlášení_bezpečnostního_problému"><span id="Hl.C3.A1.C5.A1en.C3.AD_bezpe.C4.8Dnostn.C3.ADho_probl.C3.A9mu"></span><span data-mw-comment-start="" id="h-Hlášení_bezpečnostního_problému"></span>Hlášení bezpečnostního problému<span data-mw-comment-end="h-Hlášení_bezpečnostního_problému"></span></h2></div> <p>Chcete-li nahlásit problém, pošlete email na <b><a rel="nofollow" class="external text" href="mailto:security@wikimedia.org">security@wikimedia.org</a></b> nebo použijte formulář <a href="https://phabricator.wikimedia.org/maniphest/task/edit/form/75/" class="extiw" title="phab:maniphest/task/edit/form/75/">Hlášení bezpečnostního problému</a> (Report Security Issue) na <a href="/wiki/Special:MyLanguage/Phabricator" title="Special:MyLanguage/Phabricator">Phabricatoru</a>. </p><p>Takové zprávy nebudou v době nahlášení veřejně viditelné. Další postup řešení problémů naleznete níže. </p><p><span id="What_to_include_in_a_security_issue_report"></span> </p> <div class="mw-heading mw-heading2 ext-discussiontools-init-section"><h2 id="Co_zahrnout_do_zprávy_o_bezpečnostním_problému" data-mw-thread-id="h-Co_zahrnout_do_zprávy_o_bezpečnostním_problému"><span id="Co_zahrnout_do_zpr.C3.A1vy_o_bezpe.C4.8Dnostn.C3.ADm_probl.C3.A9mu"></span><span data-mw-comment-start="" id="h-Co_zahrnout_do_zprávy_o_bezpečnostním_problému"></span>Co zahrnout do zprávy o bezpečnostním problému<span data-mw-comment-end="h-Co_zahrnout_do_zprávy_o_bezpečnostním_problému"></span></h2></div> <ul><li>Podrobné pokyny pro reprodukci problému.</li> <li>Pokud je to možné, osvědčeným postupem je <a href="https://en.wikipedia.org/wiki/Proof_of_concept" class="extiw" title="w:Proof of concept">proof-of-concept</a> kód demonstrující problém.</li> <li>Pokud lze zranitelnost reprodukovat na projektu Wikimedia (jako je Wikipedie nebo Wikislovník), uveďte, které konfigurace webu se liší.</li> <li>V případě potřeby uveďte, zda jste přihlášeni nebo odhlášeni, když k problému dojde.</li> <li>U <a href="https://en.wikipedia.org/wiki/Cross-site_scripting" class="extiw" title="w:Cross-site scripting">XSS</a> nebo zranitelností, které vyžadují specifický prohlížeč nebo plugin, uveďte, který prohlížeč a verzi používáte. Užitečná bude konkrétní verze jakéhokoli použitého softwaru.</li> <li><a href="https://en.wikipedia.org/wiki/OWASP" class="extiw" title="w:OWASP">OWASP</a> kategorie zranitelnosti (s použitím <a rel="nofollow" class="external text" href="https://owasp.org/www-project-top-ten/">OWASP Top 10 za rok 2017</a>) nebo <a href="https://en.wikipedia.org/wiki/Common_Weakness_Enumeration" class="extiw" title="w:Common Weakness Enumeration">CWE</a> id (s použitím <a rel="nofollow" class="external text" href="https://cwe.mitre.org/data/definitions/1000.html">CWE By Research Concepts</a>)</li> <li><a href="https://en.wikipedia.org/wiki/Common_Vulnerabilities_and_Exposures" class="extiw" title="w:Common Vulnerabilities and Exposures">CVE</a>, pokud je přiřazen (pomocí <a rel="nofollow" class="external text" href="https://nvd.nist.gov/vuln/search">databáze NIST CVE</a>)</li> <li>Jakékoli další informace potřebné k prošetření a reprodukci problému.</li></ul> <p>Pokud nahlásíte zranitelnost emailem na adresu <b><a rel="nofollow" class="external text" href="mailto:security@wikimedia.org">security@wikimedia.org</a></b>, dejte nám vědět, pokud máte účet <a href="https://phabricator.wikimedia.org/" class="extiw" title="phab:">Wikimedia Phabricator</a>, protože vás přiřadíme k chybě, kterou vytvoříme, abyste mohli sledovat stav. </p><p>Účty Phabricatoru lze <a href="/wiki/Special:MyLanguage/Phabricator/Help#Creating_your_account" title="Special:MyLanguage/Phabricator/Help">vytvořit</a> pomocí existujícího <a href="https://meta.wikimedia.org/wiki/Special:MyLanguage/Help:Unified_login" class="extiw" title="m:Special:MyLanguage/Help:Unified login">účtu SUL Wiki</a>. </p><p><span id="What_happens_when_security_issues_are_reported"></span> </p> <div class="mw-heading mw-heading2 ext-discussiontools-init-section"><h2 id="Co_se_stane,_když_jsou_hlášeny_problémy_se_zabezpečením" data-mw-thread-id="h-Co_se_stane,_když_jsou_hlášeny_problémy_se_zabezpečením"><span id="Co_se_stane.2C_kdy.C5.BE_jsou_hl.C3.A1.C5.A1eny_probl.C3.A9my_se_zabezpe.C4.8Den.C3.ADm"></span><span data-mw-comment-start="" id="h-Co_se_stane,_když_jsou_hlášeny_problémy_se_zabezpečením"></span>Co se stane, když jsou hlášeny problémy se zabezpečením<span data-mw-comment-end="h-Co_se_stane,_když_jsou_hlášeny_problémy_se_zabezpečením"></span></h2></div> <p>Budeme: </p> <ul><li>Zjišťovat, zda to považujeme za bezpečnostní problém.</li> <li>Pokusíme se problém reprodukovat a přiřadit chybě prioritu na základě jejího dopadu.</li> <li>Do Phabricatoru přidáme opravu a to zkontroluje další osoba. <ul><li>Záplata by měla obsahovat regresní testy, kdykoli je to možné.</li></ul></li> <li>Oprava bude nasazena na clusteru Wikimedia a přístup k opravě bude udělen několika důvěryhodným partnerům a distributorům.<sup class="Template-Fact" style="white-space:nowrap;">[<i><a href="https://en.wikipedia.org/wiki/Citation_needed" class="extiw" title="wikipedia:Citation needed"><span title="This claim needs references to reliable sources.">citation needed</span></a></i>]</sup></li> <li>Pokud je to možné, bude záplata zahrnuta v příštím vydání MediaWiki. Pokud je dopad zranitelnosti obzvláště špatný nebo máme náznaky, že je aktivně zneužívána, vydáme speciální bezpečnostní verzi MediaWiki, abychom zajistili ochranu třetích stran.</li> <li>Pokud výslovně neuvedete, že určité informace nesmí být zveřejněny, uveřejníme lístek Phabricator, jakmile bude oprava vydána, a připíšeme vám vaši zásluhu v oznámení o vydání. Pokud problém nahlásíte emailem na adresu <a rel="nofollow" class="external text" href="mailto:security@wikimedia.org">security@wikimedia.org</a>, může být samotný email zveřejněn. Může obsahovat vaši emailovou adresu a podpis, pokud nepožádáte o něco jiného. Značka Phabricatoru <a class="external text" href="https://phabricator.wikimedia.org/project/view/3825/">PermanentlyPrivate</a> zajistí, že zprávy budou trvale důvěrsné.</li> <li>Určete, zda je třeba publikovat <a href="https://en.wikipedia.org/wiki/Common_Vulnerabilities_and_Exposures" class="extiw" title="w:Common Vulnerabilities and Exposures">CVE record</a>, pokud nebylo zahrnuto v původní zprávě</li></ul> <p><span id="Crediting_reporters"></span> </p> <div class="mw-heading mw-heading2 ext-discussiontools-init-section"><h2 id="Poděkování_reportérům" data-mw-thread-id="h-Poděkování_reportérům"><span id="Pod.C4.9Bkov.C3.A1n.C3.AD_report.C3.A9r.C5.AFm"></span><span data-mw-comment-start="" id="h-Poděkování_reportérům"></span>Poděkování reportérům<span data-mw-comment-end="h-Poděkování_reportérům"></span></h2></div> <ul><li>Poděkování bude přiznáno reportérovi ve zprávě k opravenému problému.</li> <li>Poděkování bude reportérovi přiznáno v oficiálním emailu s oznámením, který půjde do <a href="https://lists.wikimedia.org/pipermail/mediawiki-announce/" class="extiw" title="mailarchive:mediawiki-announce/">MediaWiki-announce</a> mailing listů.</li> <li>Poděkování bude uděleno <a href="/wiki/Wikimedia_Security_Team/Thanks" title="Wikimedia Security Team/Thanks">Wikimedia Security Team/Thanks</a> za zranitelnosti jádra MediaWiki nebo přibalené knihovny, vzhledu nebo rozšíření.</li> <li>V současné době neexistuje žádný rozpočet na bezpečnostní zprávy. To znamená, že se nadací Wikimedia Foundation <b>neplatí žádné odměny</b> za odhalení bezpečnostních chyb na těchto projektech, ať už v penězích nebo ve zboží.</li></ul> <p><span id="Tracking_report_remediation"></span> </p> <div class="mw-heading mw-heading2 ext-discussiontools-init-section"><h2 id="Oprava_zprávy_o_sledování" data-mw-thread-id="h-Oprava_zprávy_o_sledování"><span id="Oprava_zpr.C3.A1vy_o_sledov.C3.A1n.C3.AD"></span><span data-mw-comment-start="" id="h-Oprava_zprávy_o_sledování"></span>Oprava zprávy o sledování<span data-mw-comment-end="h-Oprava_zprávy_o_sledování"></span></h2></div> <p>Pokud je to během procesu nápravy možné, měly by bezpečnostní chyby obsahovat komentáře, které zahrnují: </p> <ul><li>Podrobné pokyny pro reprodukci problému.</li> <li>Odkazy na návaznosti, které zavedly chybu.</li> <li>Odkazy na sady změn Gerrit, které opravují chybu.</li></ul> <p>Přístup reportérů k jejich vlastním vytvořeným reportům je standardní, ale pro získání přístupu k bezpečnostním chráněným problémům obecně existuje samostatný <a href="/wiki/Security/SOP/Access_to_Phabricator_Security_Issues" title="Security/SOP/Access to Phabricator Security Issues">proces</a>. </p><p><span id="Contributing_patches"></span> </p> <div class="mw-heading mw-heading2 ext-discussiontools-init-section"><h2 id="Přispívané_záplaty" data-mw-thread-id="h-Přispívané_záplaty"><span id="P.C5.99isp.C3.ADvan.C3.A9_z.C3.A1platy"></span><span data-mw-comment-start="" id="h-Přispívané_záplaty"></span>Přispívané záplaty<span data-mw-comment-end="h-Přispívané_záplaty"></span></h2></div> <p>Pokud byste chtěli poskytnout opravu bezpečnostní chyby, přidejte ji prosím jako přílohu k úloze <a href="/wiki/Special:MyLanguage/Phabricator" title="Special:MyLanguage/Phabricator">Phabricator</a>. Záplatu můžete buď přetáhnout do oblasti komentáře nebo zahrnout rozdíl záplaty jako komentář. </p><p>Prosím <b>nezasílejte záplaty <a href="/wiki/Special:MyLanguage/Gerrit" title="Special:MyLanguage/Gerrit">Gerrit</a></b>. Všechny změny Gerrit (včetně "návrhů") jsou veřejně přístupné. </p> <ul><li>Viz část <a href="https://wikitech.wikimedia.org/wiki/How_to_deploy_code#Creating_a_Security_Patch" class="extiw" title="wikitech:How to deploy code">Vytvoření bezpečnostní záplaty</a> na wikitech pro kroky k vytvoření těchto záplat a část <a href="https://wikitech.wikimedia.org/wiki/How_to_deploy_code#Security_patches" class="extiw" title="wikitech:How to deploy code">Bezpečnostní záplaty</a>, jak se tyto záplaty nasazují.</li></ul> <p><span id="Related_security_content"></span> </p> <div class="mw-heading mw-heading2 ext-discussiontools-init-section"><h2 id="Související_obsah_zabezpečení" data-mw-thread-id="h-Související_obsah_zabezpečení"><span id="Souvisej.C3.ADc.C3.AD_obsah_zabezpe.C4.8Den.C3.AD"></span><span data-mw-comment-start="" id="h-Související_obsah_zabezpečení"></span>Související obsah zabezpečení<span data-mw-comment-end="h-Související_obsah_zabezpečení"></span></h2></div> <table class="wikitable"> <tbody><tr> <th>Projekt</th> <th>Použití bezpečnostním týmem Wikimedia </th></tr> <tr> <td><a href="/wiki/Special:MyLanguage/Security" title="Special:MyLanguage/Security">mediawiki.org</a><span style="display:none"><a href="/wiki/Security" title="Security"> </a></span></td> <td>Obecný obsah pro zásady, SOP atd. <a href="/wiki/Special:MyLanguage/Wikimedia_Security_Team" title="Special:MyLanguage/Wikimedia Security Team">Stránka oficiálního týmu zabezpečení</a><span style="display:none"><a href="/wiki/Wikimedia_Security_Team" title="Wikimedia Security Team"> </a></span>. </td></tr> <tr> <td><a class="external text" href="https://wikitech.wikimedia.org/wiki/Security">wikitech.wikimedia.org</a></td> <td>Procedurální nebo instruktážní materiál, který není školením. </td></tr> <tr> <td><a href="https://meta.wikimedia.org/wiki/Security" class="extiw" title="m:Security">meta.wikimedia.org</a></td> <td>Zásady a další obsah pro překlad. </td></tr> <tr> <td><a class="external text" href="https://office.wikimedia.org/wiki/Security">office.wikimedia.org</a></td> <td>Citlivý nebo soukromý obsah. Musí mít smlouvu o mlčenlivosti a odpovídající přístup. </td></tr> <tr> <td><a href="https://foundation.wikimedia.org/wiki/Policies" class="extiw" title="foundation:Policies">foundation.wikimedia.org</a></td> <td>Základní umístění zásad. </td></tr></tbody></table>    </div><noscript><img src="https://login.wikimedia.org/wiki/Special:CentralAutoLogin/start?type=1x1" alt="" width="1" height="1" style="border: none; position: absolute;"></noscript> <div class="printfooter" data-nosnippet="">Retrieved from "<a dir="ltr" href="https://www.mediawiki.org/w/index.php?title=Reporting_security_bugs/cs&oldid=6799950">https://www.mediawiki.org/w/index.php?title=Reporting_security_bugs/cs&oldid=6799950</a>"</div></div> <div id="catlinks" class="catlinks" data-mw="interface"><div id="mw-normal-catlinks" class="mw-normal-catlinks"><a href="/wiki/Special:Categories" title="Special:Categories">Categories</a>: <ul><li><a href="/w/index.php?title=Category:Wikimedia_Security_Team/cs&action=edit&redlink=1" class="new" title="Category:Wikimedia Security Team/cs (page does not exist)">Wikimedia Security Team/cs</a></li><li><a href="/wiki/Category:Security/cs" title="Category:Security/cs">Security/cs</a></li></ul></div></div> </div> </main> </div> <div class="mw-footer-container"> <footer id="footer" class="mw-footer" > <ul id="footer-info"> <li id="footer-info-lastmod"> This page was last edited on 16 October 2024, at 02:41.</li> <li id="footer-info-copyright">Text is available under the <a rel="nofollow" class="external text" href="https://creativecommons.org/licenses/by-sa/4.0/deed.en">Creative Commons Attribution-ShareAlike License</a>; additional terms may apply. Text in <a class="external text" href="https://www.mediawiki.org/wiki/Special:MyLanguage/Help:Contents">the Help: namespace</a> is available under the <a rel="nofollow" class="external text" href="https://creativecommons.org/publicdomain/zero/1.0/">Creative Commons CC0 License</a>. By using this site, you agree to the <a class="external text" href="https://foundation.wikimedia.org/wiki/Special:MyLanguage/Policy:Terms_of_Use">Terms of Use</a> and <a class="external text" href="https://foundation.wikimedia.org/wiki/Special:MyLanguage/Policy:Privacy_policy">Privacy Policy</a>.</li> </ul> <ul id="footer-places"> <li id="footer-places-privacy"><a href="https://foundation.wikimedia.org/wiki/Special:MyLanguage/Policy:Privacy_policy">Privacy policy</a></li> <li id="footer-places-about"><a href="/wiki/Project:About">About mediawiki.org</a></li> <li id="footer-places-disclaimers"><a href="/wiki/Project:General_disclaimer">Disclaimers</a></li> <li id="footer-places-wm-codeofconduct"><a href="https://www.mediawiki.org/wiki/Special:MyLanguage/Code_of_Conduct">Code of Conduct</a></li> <li id="footer-places-developers"><a href="https://developer.wikimedia.org">Developers</a></li> <li id="footer-places-statslink"><a href="https://stats.wikimedia.org/#/www.mediawiki.org">Statistics</a></li> <li id="footer-places-cookiestatement"><a href="https://foundation.wikimedia.org/wiki/Special:MyLanguage/Policy:Cookie_statement">Cookie statement</a></li> <li id="footer-places-mobileview"><a href="//m.mediawiki.org/w/index.php?title=Reporting_security_bugs/cs&mobileaction=toggle_view_mobile" class="noprint stopMobileRedirectToggle">Mobile view</a></li> </ul> <ul id="footer-icons" class="noprint"> <li id="footer-copyrightico"><a href="https://wikimediafoundation.org/" class="cdx-button cdx-button--fake-button cdx-button--size-large cdx-button--fake-button--enabled"><img src="/static/images/footer/wikimedia-button.svg" width="84" height="29" alt="Wikimedia Foundation" loading="lazy"></a></li> <li id="footer-poweredbyico"><a href="https://www.mediawiki.org/" class="cdx-button cdx-button--fake-button cdx-button--size-large cdx-button--fake-button--enabled"><img src="/w/resources/assets/poweredby_mediawiki.svg" alt="Powered by MediaWiki" width="88" height="31" loading="lazy"></a></li> </ul> </footer> </div> </div> </div> <div class="vector-settings" id="p-dock-bottom"> <ul></ul> </div><script>(RLQ=window.RLQ||[]).push(function(){mw.config.set({"wgHostname":"mw-web.codfw.main-65496f48b4-v6zzw","wgBackendResponseTime":356,"wgDiscussionToolsPageThreads":[{"headingLevel":2,"name":"h-","type":"heading","level":0,"id":"h-Co_je_považováno_za_bezpečnostní_problém","replies":[]},{"headingLevel":2,"name":"h-","type":"heading","level":0,"id":"h-Hlášení_bezpečnostního_problému","replies":[]},{"headingLevel":2,"name":"h-","type":"heading","level":0,"id":"h-Co_zahrnout_do_zprávy_o_bezpečnostním_problému","replies":[]},{"headingLevel":2,"name":"h-","type":"heading","level":0,"id":"h-Co_se_stane,_když_jsou_hlášeny_problémy_se_zabezpečením","replies":[]},{"headingLevel":2,"name":"h-","type":"heading","level":0,"id":"h-Poděkování_reportérům","replies":[]},{"headingLevel":2,"name":"h-","type":"heading","level":0,"id":"h-Oprava_zprávy_o_sledování","replies":[]},{"headingLevel":2,"name":"h-","type":"heading","level":0,"id":"h-Přispívané_záplaty","replies":[]},{"headingLevel":2,"name":"h-","type":"heading","level":0,"id":"h-Související_obsah_zabezpečení","replies":[]}],"wgPageParseReport":{"discussiontools":{"limitreport-timeusage":"0.015"},"limitreport":{"cputime":"0.253","walltime":"0.357","ppvisitednodes":{"value":251,"limit":1000000},"postexpandincludesize":{"value":1668,"limit":2097152},"templateargumentsize":{"value":558,"limit":2097152},"expansiondepth":{"value":14,"limit":100},"expensivefunctioncount":{"value":0,"limit":500},"unstrip-depth":{"value":0,"limit":20},"unstrip-size":{"value":5024,"limit":5000000},"entityaccesscount":{"value":0,"limit":400},"timingprofile":["100.00% 74.137 1 -total"," 54.37% 40.309 2 Template:Ll"," 45.29% 33.577 1 Template:Citation_needed"," 43.99% 32.614 4 Template:Translatable"," 20.29% 15.044 4 Template:Pagelang"," 3.29% 2.440 1 Template:Fix"]},"scribunto":{"limitreport-timeusage":{"value":"0.014","limit":"10.000"},"limitreport-memusage":{"value":1087634,"limit":52428800}},"cachereport":{"origin":"mw-api-int.codfw.main-849f99967d-rhd2j","timestamp":"20241123062233","ttl":2592000,"transientcontent":false}}});});</script> </body> </html>