Crypto/Security component in Bugzilla

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



>>>>> "Mark" == Mark Wielaard <mark@xxxxxxxxx> writes:

Mark> Maybe Andrew (one of the gcc bug-masters) can advise us on when to add a
Mark> new keyword and when to use meta-bugs. How do other projects handle
Mark> security issues/bug reports in their issue trackers?

Often serious security issues aren't filed at all, but instead the
maintainers are contacted privately, and the fixes are embargoed until
a certain date.

I thought this question was more about "security" in the sense of
"bugs we know of in our security code", not "security flaws requiring
a quick turnaround".

Tom


[Index of Archives]     [Linux Kernel]     [Linux Cryptography]     [Fedora]     [Fedora Directory]     [Red Hat Development]

  Powered by Linux