[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[GNUnet-SVN] [gnurl] 105/153: docs/SECURITY-PROCESS: now we name the fil
From: |
gnunet |
Subject: |
[GNUnet-SVN] [gnurl] 105/153: docs/SECURITY-PROCESS: now we name the files after the CVE id |
Date: |
Tue, 11 Sep 2018 12:52:56 +0200 |
This is an automated email from the git hooks/post-receive script.
ng0 pushed a commit to branch master
in repository gnurl.
commit a040ff88e4698bdee1eddc0cdb5a7fb65db49201
Author: Daniel Stenberg <address@hidden>
AuthorDate: Mon Aug 20 11:49:58 2018 +0200
docs/SECURITY-PROCESS: now we name the files after the CVE id
---
docs/SECURITY-PROCESS.md | 9 ++-------
1 file changed, 2 insertions(+), 7 deletions(-)
diff --git a/docs/SECURITY-PROCESS.md b/docs/SECURITY-PROCESS.md
index 0db6403c6..6ef7757ca 100644
--- a/docs/SECURITY-PROCESS.md
+++ b/docs/SECURITY-PROCESS.md
@@ -109,17 +109,12 @@ Publishing Security Advisories
1. Write up the security advisory, using markdown syntax. Use the same
subtitles as last time to maintain consistency.
-2. Name the advisory file (and ultimately the URL to be used when the flaw
- gets published), using a randomized component so that third parties that
- are involved in the process for each individual flaw will not be given
- insights about possible *other* flaws worked on in parallel.
- `adv_YEAR_RANDOM.md` has been used before.
+2. Name the advisory file after the allocated CVE id.
3. Add a line on the top of the array in `curl-www/docs/vuln.pm'.
4. Put the new advisory markdown file in the curl-www/docs/ directory. Add it
- to the git repo. Update the Makefile in the same directory to build the
- HTML representation.
+ to the git repo.
5. Run `make` in your local web checkout and verify that things look fine.
--
To stop receiving notification emails like this one, please contact
address@hidden
- [GNUnet-SVN] [gnurl] 116/153: x509asn1: use FALLTHROUGH, (continued)
- [GNUnet-SVN] [gnurl] 116/153: x509asn1: use FALLTHROUGH, gnunet, 2018/09/11
- [GNUnet-SVN] [gnurl] 100/153: http2: make sure to send after RST_STREAM, gnunet, 2018/09/11
- [GNUnet-SVN] [gnurl] 128/153: docs: clarify NO_PROXY env variable functionality, gnunet, 2018/09/11
- [GNUnet-SVN] [gnurl] 99/153: test1268: check the stderr output as "text", gnunet, 2018/09/11
- [GNUnet-SVN] [gnurl] 106/153: SSLCERTS: improve the openssl command line, gnunet, 2018/09/11
- [GNUnet-SVN] [gnurl] 108/153: INTERNALS: require GnuTLS >= 2.11.3, gnunet, 2018/09/11
- [GNUnet-SVN] [gnurl] 89/153: travis: disable h2 torture tests for "coverage", gnunet, 2018/09/11
- [GNUnet-SVN] [gnurl] 93/153: CMake: CMake config files are defining CURL_STATICLIB for static builds, gnunet, 2018/09/11
- [GNUnet-SVN] [gnurl] 97/153: curl: warn the user if a given file name looks like an option, gnunet, 2018/09/11
- [GNUnet-SVN] [gnurl] 102/153: upload: allocate upload buffer on-demand, gnunet, 2018/09/11
- [GNUnet-SVN] [gnurl] 105/153: docs/SECURITY-PROCESS: now we name the files after the CVE id,
gnunet <=
- [GNUnet-SVN] [gnurl] 104/153: RELEASE-NOTES: synced, gnunet, 2018/09/11
- [GNUnet-SVN] [gnurl] 103/153: upload: change default UPLOAD_BUFSIZE to 64KB, gnunet, 2018/09/11
- [GNUnet-SVN] [gnurl] 96/153: http2: check nghttp2_session_set_stream_user_data return code, gnunet, 2018/09/11
- [GNUnet-SVN] [gnurl] 71/153: test1531: Add timeout, gnunet, 2018/09/11
- [GNUnet-SVN] [gnurl] 51/153: smb: don't mark it done in smb_do, gnunet, 2018/09/11
- [GNUnet-SVN] [gnurl] 91/153: ssh-libssh: fix infinite connect loop on invalid private key, gnunet, 2018/09/11
- [GNUnet-SVN] [gnurl] 101/153: vtls: reinstantiate engine on duplicated handles, gnunet, 2018/09/11
- [GNUnet-SVN] [gnurl] 95/153: travis: revert back to gcc-7 for coverage builds, gnunet, 2018/09/11
- [GNUnet-SVN] [gnurl] 86/153: docs: add disallow-username-in-url.d and haproxy-protocol.d on the list, gnunet, 2018/09/11
- [GNUnet-SVN] [gnurl] 98/153: urldata: remove unused pipe_broke struct field, gnunet, 2018/09/11