Document CVE Request syntax

git-svn-id: svn+ssh://svn.debian.org/svn/secure-testing@46157 e39458fd-73e7-0310-bf30-c45bca0a0e42
author: Salvatore Bonaccorso <carnil@debian.org> 2016-11-13 12:53:28 +0000
committer: Salvatore Bonaccorso <carnil@debian.org> 2016-11-13 12:53:28 +0000
commit: 540736363977d8d1a339c2e1fc42a29d5f011e62 (patch)
tree: e9a6bc4ad064123ab47dc8b94bde745cd9b16ba4 /doc/security-team.d.o
parent: 43784a66ec1f133c51bd9e804aab5198a1938f13 (diff)
1 files changed, 8 insertions, 0 deletions
diff --git a/doc/security-team.d.o/security_tracker b/doc/security-team.d.o/security_tracker
index d8987966a3..2ca20f5714 100644
--- a/doc/security-team.d.o/security_tracker
+++ b/doc/security-team.d.o/security_tracker
@@ -437,6 +437,14 @@ entry in the upstream bug tracker, or a bug in the Debian BTS.  If the
 issue is likely present in unstable, a bug should be filed to help the
 maintainer to track it.
 
+If a CVE is requested and found unter a particular URL, please add a NOTE
+as follows:
+
+            NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2016/11/13/1
+
+Once a CVE is assigned, the 'CVE Request: ' only or the whole line might be
+cleaned up.
+
 Lack of CVE entries should not block advisory publication which are
 otherwise ready, but we should strive to release fully
 cross-referenced advisories nevertheless.
author	Salvatore Bonaccorso <carnil@debian.org>	2016-11-13 12:53:28 +0000
committer	Salvatore Bonaccorso <carnil@debian.org>	2016-11-13 12:53:28 +0000
commit	540736363977d8d1a339c2e1fc42a29d5f011e62 (patch)
tree	e9a6bc4ad064123ab47dc8b94bde745cd9b16ba4 /doc/security-team.d.o
parent	43784a66ec1f133c51bd9e804aab5198a1938f13 (diff)