[Secure-testing-commits] r46157 - doc/security-team.d.o
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Sun Nov 13 12:53:28 UTC 2016
Author: carnil
Date: 2016-11-13 12:53:28 +0000 (Sun, 13 Nov 2016)
New Revision: 46157
Modified:
doc/security-team.d.o/security_tracker
Log:
Document CVE Request syntax
Modified: doc/security-team.d.o/security_tracker
===================================================================
--- doc/security-team.d.o/security_tracker 2016-11-13 12:40:14 UTC (rev 46156)
+++ doc/security-team.d.o/security_tracker 2016-11-13 12:53:28 UTC (rev 46157)
@@ -437,6 +437,14 @@
issue is likely present in unstable, a bug should be filed to help the
maintainer to track it.
+If a CVE is requested and found unter a particular URL, please add a NOTE
+as follows:
+
+ NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2016/11/13/1
+
+Once a CVE is assigned, the 'CVE Request: ' only or the whole line might be
+cleaned up.
+
Lack of CVE entries should not block advisory publication which are
otherwise ready, but we should strive to release fully
cross-referenced advisories nevertheless.
More information about the Secure-testing-commits
mailing list