Alan Coopersmith wrote:
> Scott Rotondo wrote:
>> Alan Coopersmith wrote:
>>> Gary Winiger wrote:
>>>>> Thanks Gary! Is there an official bugid on sunsolve to track this?
>>>>
>>>> Not being a field agent I'm not sure how bugs are tracked on
>>>> sunsolve.
>>>
>>> Sadly, anything marked as a security bug is explicitly excluded from
>>> sunsolve,
>>> as well as bugs.opensolaris.org. Perhaps we should create a
>>> "security-open"
>>> keyword for bugs like this in which all the information that
>>> sunsolve/boo would expose is already public so they can be published
>>> as well.
>>>
>>
>> Not really necessary. Just avoid marking it as a security bug.
>
> Won't that break the internal tracking of security bugs to make sure
> the patches are released as free security patches and Sun Alerts are
> issued for them?
>
Having scteam at sun.com should be enough to drive the necessary tracking
for things like generating a Sun Alert. However, I don't know what's
necessary to identify it as a patch that should be freely available.
Scott
