canmove, Confirmed users
640
edits
Security/Firefox/Security Bug Life Cycle: Difference between revisions
Jump to navigation
Jump to search
Security/Firefox/Security Bug Life Cycle (view source)
Revision as of 22:00, 25 September 2019
, 25 September 2019Added pending sec-approval query
m (→A Bug is Born) |
(Added pending sec-approval query) |
||
| Line 78: | Line 78: | ||
We know people watch our check-ins and we don’t want to 0-day ourselves by landing obvious fixes and test cases that demonstrate how to trigger the vulnerability. The [https://wiki.mozilla.org/Security/Bug_Approval_Process '''Security Bug Approval Process'''] is designed to prevent that. Part of the approval process is evaluating what bugs need to be pushed to beta and which are risky and need to ride the trains, and whether the patch is needed on supported ESR branches. | We know people watch our check-ins and we don’t want to 0-day ourselves by landing obvious fixes and test cases that demonstrate how to trigger the vulnerability. The [https://wiki.mozilla.org/Security/Bug_Approval_Process '''Security Bug Approval Process'''] is designed to prevent that. Part of the approval process is evaluating what bugs need to be pushed to beta and which are risky and need to ride the trains, and whether the patch is needed on supported ESR branches. | ||
[https://bugzilla.mozilla.org/buglist.cgi?quicksearch=ALL%20sec-approval%3F '''Pending sec-approval requests'''] | |||
| Line 104: | Line 106: | ||
[https://bugzilla.mozilla.org/buglist.cgi?quicksearch=class%3Aclient%2Ccomp%20kw%3Asec-critical%2Csec-high%20kw%3Astalled '''Stalled security bugs'''] | [https://bugzilla.mozilla.org/buglist.cgi?quicksearch=class%3Aclient%2Ccomp%20kw%3Asec-critical%2Csec-high%20kw%3Astalled '''Stalled security bugs'''] | ||
= Triage tools = | = Triage tools = | ||