docs: Clarify details for reporting security bugs
The kernel security team is regularly asked to provide CVE identifiers, which we don't normally do. This updates the documentation to mention this and adds some more details about coordination and patch handling that come up regularly. Based on an earlier draft by Willy Tarreau. Signed-off-by: NKees Cook <keescook@chromium.org> Acked-by: NWilly Tarreau <w@1wt.eu> Signed-off-by: NJonathan Corbet <corbet@lwn.net>
Showing
想要评论请 注册 或 登录