diff options
| author | Sebastien Delafond <seb@debian.org> | 2017-08-11 14:27:52 +0000 |
|---|---|---|
| committer | Sebastien Delafond <seb@debian.org> | 2017-08-11 14:27:52 +0000 |
| commit | 145bbf06367c822593c66daf684ac40b8480f0a5 (patch) | |
| tree | ef1bce222235cbd73effa3fd0467dae8c6357663 /doc | |
| parent | f4b9a5345ad830497472ffb8b183611c3da47d58 (diff) | |
Document ignored & postponed sub-states a bit more
git-svn-id: svn+ssh://svn.debian.org/svn/secure-testing@54621 e39458fd-73e7-0310-bf30-c45bca0a0e42
Diffstat (limited to 'doc')
| -rw-r--r-- | doc/security-team.d.o/security_tracker | 24 |
1 files changed, 13 insertions, 11 deletions
diff --git a/doc/security-team.d.o/security_tracker b/doc/security-team.d.o/security_tracker index 197317d1aa..8fe33970ae 100644 --- a/doc/security-team.d.o/security_tracker +++ b/doc/security-team.d.o/security_tracker @@ -344,21 +344,23 @@ Packages which are not anymore supported by the security team in a ### Issues not warranting a security advisory -These states are reserved to be used for the respective security team. +These states are reserved for use by the LTS and Security Team. -Sometimes an issue might not warrant an (immediate) security advisory since for -example an issue might be minor. When a issue does not warrant an advisory they -are marked with a distribution tag, the `<no-dsa>` state and an explanation. +Sometimes an issue might not warrant an (immediate) security advisory, +for example if its severity is minor. When that's the case, they are +marked with a distribution tag, the `<no-dsa>` state and an +explanation. -Two sub-states exists: `<ignored>` and `<postponed>`. +Furthermore, two sub-states exist: `<ignored>` and `<postponed>`. -If an issue will further be ignored the `<ignored>` state is used. + - if an issue is to be totally ignored, and no updates will be + provided for it, then the `<ignored>` state is used. -If an issue deserves an update via a security advisory, but it is not needed to -release an advisory just because of this issue, rather than `<no-dsa>` the -`<postponed>` state can be used. This state can as well be used, if a fix is -already queued up for a future security advisory and it will be included in -such. + - if an issue deserves an update via a security advisory, but it is + not needed to release an advisory just because of this issue, the + `<postponed>` state can be used instead of a plain `<no-dsa>`. + This state can also be used if a fix is already queued up for + a future security advisory, to be included later. ### `NOTE` and `TODO` entries |