User Tools

  • Logged in as: anonymous (anonymous)
  • Log Out

Site Tools


mantisbt:handling_security_problems

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
Next revision
Previous revision
mantisbt:handling_security_problems [2017/03/10 07:26]
dregad [Obtaining a CVE ID] New process to request CVE via MITRE's form
mantisbt:handling_security_problems [2017/03/10 07:34] (current)
dregad Add "Reference the CVE" section
Line 96: Line 96:
 [[http://​thread.gmane.org/​gmane.comp.security.oss.general/​9876|4]]. ​ [[http://​thread.gmane.org/​gmane.comp.security.oss.general/​9876|4]]. ​
  
 +==== Reference the CVE ID ====
 +
 +Once the CVE ID has been assigned, it must be referenced in MantisBT, and used in every communication related to the security issue. ​
 +
 +  * MantisBT'​s issue tracker (**Mandatory**):​ prefix the issue'​s summary with ''​CVE-YYYY-XXXX - ''​
 +  * in commit messages
 +  * on GitHub pull requests
 +  * in mailing lists discussions
 +  * in announcements (e.g. release notes, blog post, twitter...)
 +  * etc
  
mantisbt/handling_security_problems.1489148803.txt.gz ยท Last modified: 2017/03/10 07:26 by dregad