[Secure-testing-commits] r54621 - doc/security-team.d.o

Sebastien Delafond seb at moszumanska.debian.org
Fri Aug 11 14:27:52 UTC 2017 

Author: seb
Date: 2017-08-11 14:27:52 +0000 (Fri, 11 Aug 2017)
New Revision: 54621

Modified:
   doc/security-team.d.o/security_tracker
Log:
Document ignored & postponed sub-states a bit more

Modified: doc/security-team.d.o/security_tracker
===================================================================
--- doc/security-team.d.o/security_tracker	2017-08-11 14:25:46 UTC (rev 54620)
+++ doc/security-team.d.o/security_tracker	2017-08-11 14:27:52 UTC (rev 54621)
@@ -344,21 +344,23 @@
 
 ### Issues not warranting a security advisory
 
-These states are reserved to be used for the respective security team.
+These states are reserved for use by the LTS and Security Team.
 
-Sometimes an issue might not warrant an (immediate) security advisory since for
-example an issue might be minor. When a issue does not warrant an advisory they
-are marked with a distribution tag, the `<no-dsa>` state and an explanation.
+Sometimes an issue might not warrant an (immediate) security advisory,
+for example if its severity is minor. When that's the case, they are
+marked with a distribution tag, the `<no-dsa>` state and an
+explanation.
 
-Two sub-states exists: `<ignored>` and `<postponed>`.
+Furthermore, two sub-states exist: `<ignored>` and `<postponed>`.
 
-If an issue will further be ignored the `<ignored>` state is used.
+  - if an issue is to be totally ignored, and no updates will be
+    provided for it, then the `<ignored>` state is used.
 
-If an issue deserves an update via a security advisory, but it is not needed to
-release an advisory just because of this issue, rather than `<no-dsa>` the
-`<postponed>` state can be used. This state can as well be used, if a fix is
-already queued up for a future security advisory and it will be included in
-such.
+  - if an issue deserves an update via a security advisory, but it is
+    not needed to release an advisory just because of this issue, the
+    `<postponed>` state can be used instead of a plain `<no-dsa>`.
+    This state can also be used if a fix is already queued up for
+    a future security advisory, to be included later.
 
 ### `NOTE` and `TODO` entries

More information about the Secure-testing-commits mailing list