This is the mail archive of the libc-alpha@sourceware.org mailing list for the glibc project.
Index Nav: | [Date Index] [Subject Index] [Author Index] [Thread Index] | |
---|---|---|
Message Nav: | [Date Prev] [Date Next] | [Thread Prev] [Thread Next] |
Other format: | [Raw text] |
On 19 Oct 2015 16:48, Joseph Myers wrote: > On Mon, 19 Oct 2015, Hector Marco-Gisbert wrote: > > 4.- The CVE can be assigned or not, it depends on many factors, we don't care > > that much. But it is obvious that our contribution have been used to improve > > the security of the Glibc, and then it must be properly credited. > > Isn't the normal credit for a bug reported in public (whether or not a > security bug): the bug number is referenced in the ChangeLog and the > commit message, and anyone can follow that reference back to see who > reported the bug? I would hope that databases of CVEs would also point > directly to the bug report in Bugzilla, not just the commit fixing the > bug. yeah, the name in the ChangeLog is used for showing who made the change, not who reported the issue. if the older entries mentioned reporters, then that was a mistake. the commit message / bug is where details like the reporter go. https://www.gnu.org/prep/standards/html_node/Style-of-Change-Logs.html -mike
Attachment:
signature.asc
Description: Digital signature
Index Nav: | [Date Index] [Subject Index] [Author Index] [Thread Index] | |
---|---|---|
Message Nav: | [Date Prev] [Date Next] | [Thread Prev] [Thread Next] |