Security/Firefox/Security Bug Escalation Process: Difference between revisions

Add assumption
(correct the driver role)
(Add assumption)
 
Line 1: Line 1:
=== Assumption ===
Security bug fix process needs clearly defined escalation process to be effective
Security bug fix process needs clearly defined escalation process to be effective


== Bug management/escalation process ==
=== Bug management/escalation process ===
#Two days after a sec-crit or sec-hi bug was assigned, if no update on the bug, the assignee will receive an overdue email. If no activity on the bug for another day, assignee’s manager will be needinfo-ed, This step will continue to escalate every 3 days until the bug is updated with next step. The escalation process stops when an assigned developer provide an update on how to land the patch with estimate.
#Two days after a sec-crit or sec-hi bug was assigned, if no update on the bug, the assignee will receive an overdue email. If no activity on the bug for another day, assignee’s manager will be needinfo-ed, This step will continue to escalate every 3 days until the bug is updated with next step. The escalation process stops when an assigned developer provide an update on how to land the patch with estimate.
#Weekly security bug status report will be send to engineering managers, engineering directors, Head of Trust and Safety, and release managers.
#Weekly security bug status report will be send to engineering managers, engineering directors, Head of Trust and Safety, and release managers.
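Review bot: The heading levels no longer nest after this change: "Bug management/escalation process" appears as "==" on the old side and "===" on the new side, and the added "=== Assumption ===" is also level 3, so the page has two level-3 sections with no level-2 parent. Either keep the existing heading at "==" and add the new one as "== Assumption ==", or introduce a parent heading above both. While the first list item is being touched, its timing deserves a tidy-up too: it says the manager is needinfo-ed after "another day" and that the step then escalates "every 3 days", without saying who is escalated to after the manager, and the sentence runs on at "needinfo-ed, This step". Small wording fixes in the same lines: "an assigned developer provide" should be "provides", and "will be send" should be "will be sent".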