Security/Firefox/Security Bug Life Cycle/Security Advisories: Difference between revisions

Jump to navigation Jump to search

Security/Firefox/Security Bug Life Cycle/Security Advisories (view source)

Revision as of 19:46, 7 January 2020

362 bytes added ,  7 January 2020
no edit summary
No edit summary
No edit summary
Line 73: Line 73:


The CVE ID is unique per bug except for the internal roll-up advisories, which use one CVE ID for a list of bugs. (The CVE assignment process can be complicated because Mitre imposes many rules on CVE assignment and requires communication back in specified data formats when CVEs are assigned. Failure to follow this process can result in Mitre refusing to hand out additional CVE IDs for use.)
The CVE ID is unique per bug except for the internal roll-up advisories, which use one CVE ID for a list of bugs. (The CVE assignment process can be complicated because Mitre imposes many rules on CVE assignment and requires communication back in specified data formats when CVEs are assigned. Failure to follow this process can result in Mitre refusing to hand out additional CVE IDs for use.)
=== Release ===
Once CVEs are assigned, the yml files are checked into git and staged in the private https://github.com/mozilla/foundation-security-advisories-private/ repo. Release management will pull from this repo and commit it to the public https://github.com/mozilla/foundation-security-advisories/ repo which will make them live on the site in moments.
Tritter
130

edits

Retrieved from "https://wiki.mozilla.org/Special:MobileDiff/1221990"

Navigation menu