Security/Firefox/Security Bug Life Cycle/Security Advisories: Difference between revisions

(→‎Review it yourself: adding additional tips)
(adding the evergreen sentence that we keep reusing to the example advisory, so I have a place to look it up)
Line 39: Line 39:
  John Doe
  John Doe
   
   
  When receiving a foobar message, an attacker could specify in incorrect number of gordons, leading to memory corruption.
  When receiving a foobar message, an attacker could specify in incorrect number of gordons. This can lead to a user-after-free causing a potentially exploitable crash.
 


Advisories are written in the past tense. Typically they're somewhat vague, but they don't have to be. Anyone is allowed to write an advisory for a bug if they feel they can do so; however, only one non-obsolete advisory.txt should be attached when the yml creation is performed.
Advisories are written in the past tense. Typically they're somewhat vague, but they don't have to be. Anyone is allowed to write an advisory for a bug if they feel they can do so; however, only one non-obsolete advisory.txt should be attached when the yml creation is performed.
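Review bot: the new example sentence says "user-after-free", which should be "use-after-free", and the first sentence still carries "specify in incorrect number" from the old revision, which should be "an incorrect number". Since the edit summary describes this as the sentence that keeps getting reused, both typos should be fixed here before they are copied into real advisories. The paragraph right after the example also states that advisories are written in the past tense, while the added sentence "This can lead to ..." is in the present tense; consider rewording it to something like "This could have led to a use-after-free causing a potentially exploitable crash", or say explicitly that this sentence is an exception.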