Security sponsorship process should be mentioned
Bug #790544 reported by
Daniel Holbach
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
Ubuntu Packaging Guide |
Fix Released
|
Undecided
|
Unassigned |
Bug Description
It'd be great to also mention the sponsorship process for security bugs.
Two obvious candidates are:
- http://
- http://
Changed in ubuntu-packaging-guide: | |
status: | New → Fix Released |
To post a comment you must log in.
I have actually added the following blurb to the fixing- a-bug-security. rst (which I will be submitting for merge soon):
" ======= ======= ====
Test and Submit your work
=======
At this point the process is the same as for :doc:`fixing a regular bug in /fixing- a-bug>` . Specifically, you will want to:
Ubuntu<
#. Build your package and verify that it compiles without error and without security- sponsors` `
any added compiler warnings
#. Upgrade to the new version of the package from the previous version
#. Test that the new package fixes the vulnerability and does not introduce
any regressions
#. Submit your work via a Launchpad bug being sure to mark the bug as a
security bug and to subscribe ``ubuntu-
"
This might be enough to close this bug.