Author: carnil Date: 2017-08-11 05:34:00 +0000 (Fri, 11 Aug 2017) New Revision: 54594
Modified: doc/security-team.d.o/security_tracker Log: Add section about issues not warranting an advisory Modified: doc/security-team.d.o/security_tracker =================================================================== --- doc/security-team.d.o/security_tracker 2017-08-11 05:33:52 UTC (rev 54593) +++ doc/security-team.d.o/security_tracker 2017-08-11 05:34:00 UTC (rev 54594) @@ -342,7 +342,24 @@ - ffmpeg <removed> - ffmpeg-debian <end-of-life> +### Issues not warranting a security advisory +This states are reserved to be used for the respective security team. + +Sometimes an issue might not warrant an (immediate) security advisory since for +example an issue might be minor. When a issue does not warrant an advisory they +are marked with a distribution tag, the `<no-dsa>` state and an explanation. + +Two sub-states exists: `<ignored>` and `<postponed>`. + +If an issue will further be ignored the <ignored> state is used. + +If an issue deserves an update via a security advisory, but it is not needed to +release an advisory just because of this issue, rather than `<no-dsa>` the +`<postponed>` state can be used. This state can as well be used, if a fix is +already queued up for a future security advisory and it will be included in +such. + ### `NOTE` and `TODO` entries There are many instances where more work has to be done to determine _______________________________________________ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits