The submitting patches mentions criteria for a fix to be called "security fix". Add a link to document explaining the entire process of handling security bugs. Cc: Greg KH <gregkh@xxxxxxxxxxxxxxxxxxx> Cc: Marek Szyprowski <m.szyprowski@xxxxxxxxxxx> Cc: Linus Torvalds <torvalds@xxxxxxxxxxxxxxxxxxxx> Cc: Kees Cook <keescook@xxxxxxxxxxxx> Signed-off-by: Krzysztof Kozlowski <krzk@xxxxxxxxxx> --- Documentation/process/submitting-patches.rst | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/Documentation/process/submitting-patches.rst b/Documentation/process/submitting-patches.rst index 5219bf3cddfc..d5b3c5a74d5d 100644 --- a/Documentation/process/submitting-patches.rst +++ b/Documentation/process/submitting-patches.rst @@ -299,7 +299,8 @@ sending him e-mail. If you have a patch that fixes an exploitable security bug, send that patch to security@xxxxxxxxxx. For severe bugs, a short embargo may be considered to allow distributors to get the patch out to users; in such cases, -obviously, the patch should not be sent to any public lists. +obviously, the patch should not be sent to any public lists. See also +:ref:`Documentation/admin-guide/security-bugs.rst <security-bugs>`. Patches that fix a severe bug in a released kernel should be directed toward the stable maintainers by putting a line like this:: -- 2.17.1
