[PATCH] doc: relax requirement on commit messages of security fixes

Maxime Coquelin maxime.coquelin at redhat.com
Fri Mar 31 12:37:40 CEST 2023

Previous message (by thread): [PATCH] doc: relax requirement on commit messages of security fixes
Next message (by thread): [dpdk-dev] [PATCH] doc: clarify disclosure time slot when no response
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Indeed!

On 3/31/23 12:34, Thomas Monjalon wrote:
> We missed this patch, there was no comment.
> Please review.
> 
> 10/03/2022 18:59, luca.boccassi at gmail.com:
>> From: Luca Boccassi <bluca at debian.org>
>>
>> Allow more flexibility with embargo lifting by not requiring
>> mentions of CVEs in commit messages if the lift date allows
>> it.
>>
>> Signed-off-by: Luca Boccassi <bluca at debian.org>
>> ---
>> -The CVE id and the bug id must be referenced in the patch.
>> +The CVE id and the bug id must be referenced in the patch if there is no
>> +embargo, or if there is an embargo, but it will be lifted when the release
>> +including the patch is published. If the embargo is going to be lifted after the
>> +release, then the CVE and bug ids must be omitted from the commit message.
> 
> 

Reviewed-by: Maxime Coquelin <maxime.coquelin at redhat.com>

Thanks,
Maxime

Previous message (by thread): [PATCH] doc: relax requirement on commit messages of security fixes
Next message (by thread): [dpdk-dev] [PATCH] doc: clarify disclosure time slot when no response
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the dev mailing list