mirror of
https://github.com/moparisthebest/curl
synced 2024-12-23 16:48:49 -05:00
docs/SECURITY-PROCESS: now we name the files after the CVE id
This commit is contained in:
parent
4c20b20482
commit
a040ff88e4
@ -109,17 +109,12 @@ Publishing Security Advisories
|
|||||||
1. Write up the security advisory, using markdown syntax. Use the same
|
1. Write up the security advisory, using markdown syntax. Use the same
|
||||||
subtitles as last time to maintain consistency.
|
subtitles as last time to maintain consistency.
|
||||||
|
|
||||||
2. Name the advisory file (and ultimately the URL to be used when the flaw
|
2. Name the advisory file after the allocated CVE id.
|
||||||
gets published), using a randomized component so that third parties that
|
|
||||||
are involved in the process for each individual flaw will not be given
|
|
||||||
insights about possible *other* flaws worked on in parallel.
|
|
||||||
`adv_YEAR_RANDOM.md` has been used before.
|
|
||||||
|
|
||||||
3. Add a line on the top of the array in `curl-www/docs/vuln.pm'.
|
3. Add a line on the top of the array in `curl-www/docs/vuln.pm'.
|
||||||
|
|
||||||
4. Put the new advisory markdown file in the curl-www/docs/ directory. Add it
|
4. Put the new advisory markdown file in the curl-www/docs/ directory. Add it
|
||||||
to the git repo. Update the Makefile in the same directory to build the
|
to the git repo.
|
||||||
HTML representation.
|
|
||||||
|
|
||||||
5. Run `make` in your local web checkout and verify that things look fine.
|
5. Run `make` in your local web checkout and verify that things look fine.
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user