mantisbt:handling_security_problems
Differences
This shows you the differences between two versions of the page.
Both sides previous revisionPrevious revisionNext revision | Previous revision | ||
mantisbt:handling_security_problems [2017/03/10 07:26] – [Obtaining a CVE ID] New process to request CVE via MITRE's form dregad | mantisbt:handling_security_problems [2021/07/14 12:08] (current) – Must be logged in with mantisbt.org account dregad | ||
---|---|---|---|
Line 10: | Line 10: | ||
If you discover a security issue or what you think could be one, please | If you discover a security issue or what you think could be one, please | ||
- | [[http://www.mantisbt.org/ | + | [[https:// |
+ | ((You must be logged-in with your mantisbt.org account to use this link)) | ||
in our bug tracker following the guidelines below. | in our bug tracker following the guidelines below. | ||
Line 96: | Line 97: | ||
[[http:// | [[http:// | ||
+ | ==== Reference the CVE ID ==== | ||
+ | |||
+ | Once the CVE ID has been assigned, it must be referenced in MantisBT, and used in every communication related to the security issue. | ||
+ | |||
+ | * MantisBT' | ||
+ | * in commit messages | ||
+ | * on GitHub pull requests | ||
+ | * in mailing lists discussions | ||
+ | * in announcements (e.g. release notes, blog post, twitter...) | ||
+ | * etc | ||
mantisbt/handling_security_problems.1489148803.txt.gz · Last modified: 2017/03/10 07:26 by dregad