Confirmed users
184
edits
Security/B2G/VulnerabilityManagement: Difference between revisions
proper highlighting
(→Definition of a security bug: formating) |
(proper highlighting) |
||
| Line 12: | Line 12: | ||
==== [http://mzl.la/1eQTgQE Sec-Fixed-Since B2G 2.1] ==== | ==== [http://mzl.la/1eQTgQE Sec-Fixed-Since B2G 2.1] ==== | ||
This search contains all security bugs set to ''fixed after 2014-11-22'' (after 2.1 went code complete). It is meant to define the superset of bugs relevant for the 2.2 release. | This search contains all security bugs set to '''fixed after 2014-11-22''' (after 2.1 went code complete). It is meant to define the superset of bugs relevant for the 2.2 release. | ||
''TODO'': Should this list also contain ''affected'' and ''verified''? | '''TODO''': Should this list also contain ''affected'' and ''verified''? | ||
==== [http://mzl.la/1eQTAix Sec-No-Status B2G 2.2] ==== | ==== [http://mzl.la/1eQTAix Sec-No-Status B2G 2.2] ==== | ||
This search lists all security bugs fixed since 2.1 ''lacking status-b2g-v2.2'' classification. | This search lists all security bugs fixed since 2.1 '''lacking status-b2g-v2.2''' classification. | ||
It is the ''list that needs special scrutiny'' for detecting improper bug status for the 2.2 release. | It is the '''list that needs special scrutiny''' for detecting improper bug status for the 2.2 release. | ||
==== [http://mzl.la/1eQTpne Sec-Status-Requested B2G 2.2] ==== | ==== [http://mzl.la/1eQTpne Sec-Status-Requested B2G 2.2] ==== | ||
This search lists all security bugs with status-b2g-v2.2 set to '?'. It is meant to signal that the ''developer was sent a NEEDINFO'' request for setting the appropriate | This search lists all security bugs with ''status-b2g-v2.2'' set to ''?''. It is meant to signal that the '''developer was sent a NEEDINFO''' request for setting the appropriate ''status-b2g-v2.2'', but hasn't done so, yet. | ||
==== [http://mzl.la/1eQVhfH Sec-Affects B2G 2.2] ==== | ==== [http://mzl.la/1eQVhfH Sec-Affects B2G 2.2] ==== | ||
This is the list with all security bugs that have ''status-b2g-v2.2 set to affected, verified or fixed''. It is intended as superset for advisory candidates for the 2.2 release. | This is the list with all security bugs that have '''status-b2g-v2.2 set to affected, verified or fixed'''. It is intended as superset for advisory candidates for the 2.2 release. | ||
==== [http://mzl.la/1eQTNSK Sec-Advisory-Needed B2G 2.2] ==== | ==== [http://mzl.la/1eQTNSK Sec-Advisory-Needed B2G 2.2] ==== | ||
These are all security bugs ''confirmed to be affecting 2.2'', but without an '''[adv-*''' tag on whiteboard. | These are all security bugs '''confirmed to be affecting 2.2''', but without an '''[adv-*''' tag on whiteboard. | ||
This list needs special scrutiny after we're confident that all security bugs have gotten a proper status-b2g-v2.2 classification. | This list needs special scrutiny after we're confident that all security bugs have gotten a proper status-b2g-v2.2 classification. | ||
''TODO'': list of whiteboard tags we use and their meaning | '''TODO''': list of whiteboard tags we use and their meaning | ||
==== [http://mzl.la/1eQTZS Sec-Has-Advisory B2G 2.2] ==== | ==== [http://mzl.la/1eQTZS Sec-Has-Advisory B2G 2.2] ==== | ||
These are all security bugs confirmed to be affecting 2.2 with '''[adv-*''' on whiteboard, meaning that someone has already written an advisory. | These are all security bugs confirmed to be affecting 2.2 with '''[adv-*''' on whiteboard, meaning that '''someone has already written an advisory'''. | ||
This Bugzilla query is intended to be ''used for automatic generation of the advisory overview'' for the Firefox 2.2 release. | This Bugzilla query is intended to be '''used for automatic generation of the advisory overview''' for the Firefox 2.2 release. | ||