diff options
| author | Nathan Chancellor <nathan@kernel.org> | 2025-09-19 13:43:11 -0700 |
|---|---|---|
| committer | Nathan Chancellor <nathan@kernel.org> | 2025-09-19 13:43:11 -0700 |
| commit | 95ee3364b29313a7587b7d1e42a9d043aaf7e592 (patch) | |
| tree | cefa28373f4ee2c696925a0d68363987150bc8c6 /Documentation/process | |
| parent | Merge patch series "Bump minimum supported version of LLVM for building the k... (diff) | |
| parent | Linux 6.17-rc6 (diff) | |
| download | linux-95ee3364b29313a7587b7d1e42a9d043aaf7e592.tar.gz linux-95ee3364b29313a7587b7d1e42a9d043aaf7e592.zip | |
Merge 6.17-rc6 into kbuild-next
Commit bd7c2312128e ("pinctrl: meson: Fix typo in device table macro")
is needed in kbuild-next to avoid a build error with a future change.
While at it, address the conflict between commit 41f9049cff32 ("riscv:
Only allow LTO with CMODEL_MEDANY") and commit 6578a1ff6aa4 ("riscv:
Remove version check for LTO_CLANG selects"), as reported by Stephen
Rothwell [1].
Link: https://lore.kernel.org/20250908134913.68778b7b@canb.auug.org.au/ [1]
Signed-off-by: Nathan Chancellor <nathan@kernel.org>
Diffstat (limited to 'Documentation/process')
| -rw-r--r-- | Documentation/process/security-bugs.rst | 25 |
1 files changed, 16 insertions, 9 deletions
diff --git a/Documentation/process/security-bugs.rst b/Documentation/process/security-bugs.rst index 56c560a00b37..84657e7d2e5b 100644 --- a/Documentation/process/security-bugs.rst +++ b/Documentation/process/security-bugs.rst @@ -8,8 +8,22 @@ like to know when a security bug is found so that it can be fixed and disclosed as quickly as possible. Please report security bugs to the Linux kernel security team. -Contact -------- +The security team and maintainers almost always require additional +information beyond what was initially provided in a report and rely on +active and efficient collaboration with the reporter to perform further +testing (e.g., verifying versions, configuration options, mitigations, or +patches). Before contacting the security team, the reporter must ensure +they are available to explain their findings, engage in discussions, and +run additional tests. Reports where the reporter does not respond promptly +or cannot effectively discuss their findings may be abandoned if the +communication does not quickly improve. + +As it is with any bug, the more information provided the easier it +will be to diagnose and fix. Please review the procedure outlined in +'Documentation/admin-guide/reporting-issues.rst' if you are unclear about what +information is helpful. Any exploit code is very helpful and will not +be released without consent from the reporter unless it has already been +made public. The Linux kernel security team can be contacted by email at <security@kernel.org>. This is a private list of security officers @@ -19,13 +33,6 @@ that can speed up the process considerably. It is possible that the security team will bring in extra help from area maintainers to understand and fix the security vulnerability. -As it is with any bug, the more information provided the easier it -will be to diagnose and fix. Please review the procedure outlined in -'Documentation/admin-guide/reporting-issues.rst' if you are unclear about what -information is helpful. Any exploit code is very helpful and will not -be released without consent from the reporter unless it has already been -made public. - Please send plain text emails without attachments where possible. It is much harder to have a context-quoted discussion about a complex issue if all the details are hidden away in attachments. Think of it like a |