User Tools

  • Logged in as: anonymous (anonymous)
  • Log Out

Site Tools


mantisbt:handling_security_problems

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revisionPrevious revision
Last revisionBoth sides next revision
mantisbt:handling_security_problems [2017/03/10 07:26] – [Obtaining a CVE ID] New process to request CVE via MITRE's form dregadmantisbt:handling_security_problems [2017/03/10 07:34] – Add "Reference the CVE" section dregad
Line 96: Line 96:
 [[http://thread.gmane.org/gmane.comp.security.oss.general/9876|4]].  [[http://thread.gmane.org/gmane.comp.security.oss.general/9876|4]]. 
  
 +==== Reference the CVE ID ====
 +
 +Once the CVE ID has been assigned, it must be referenced in MantisBT, and used in every communication related to the security issue. 
 +
 +  * MantisBT's issue tracker (**Mandatory**): prefix the issue's summary with ''CVE-YYYY-XXXX - ''
 +  * in commit messages
 +  * on GitHub pull requests
 +  * in mailing lists discussions
 +  * in announcements (e.g. release notes, blog post, twitter...)
 +  * etc
  
mantisbt/handling_security_problems.txt · Last modified: 2021/07/14 12:08 by dregad

Driven by DokuWiki