Author: carnil
Date: 2017-08-11 05:34:00 +0000 (Fri, 11 Aug 2017)
New Revision: 54594
Modified:
doc/security-team.d.o/security_tracker
Log:
Add section about issues not warranting an advisory
Modified: doc/security-team.d.o/security_tracker
===================================================================
--- doc/security-team.d.o/security_tracker 2017-08-11 05:33:52 UTC (rev
54593)
+++ doc/security-team.d.o/security_tracker 2017-08-11 05:34:00 UTC (rev
54594)
@@ -342,7 +342,24 @@
- ffmpeg <removed>
- ffmpeg-debian <end-of-life>
+### Issues not warranting a security advisory
+This states are reserved to be used for the respective security team.
+
+Sometimes an issue might not warrant an (immediate) security advisory since for
+example an issue might be minor. When a issue does not warrant an advisory they
+are marked with a distribution tag, the `<no-dsa>` state and an explanation.
+
+Two sub-states exists: `<ignored>` and `<postponed>`.
+
+If an issue will further be ignored the <ignored> state is used.
+
+If an issue deserves an update via a security advisory, but it is not needed to
+release an advisory just because of this issue, rather than `<no-dsa>` the
+`<postponed>` state can be used. This state can as well be used, if a fix is
+already queued up for a future security advisory and it will be included in
+such.
+
### `NOTE` and `TODO` entries
There are many instances where more work has to be done to determine
_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
