diff options
| author | Tim Graham <timograham@gmail.com> | 2016-10-24 15:02:55 -0400 |
|---|---|---|
| committer | Tim Graham <timograham@gmail.com> | 2016-10-24 15:02:55 -0400 |
| commit | 6fdb12cdccc6b33714f7a93ca8cc8d9c300b0f82 (patch) | |
| tree | 6e5ce0106cd315c5aada3fbcddf5e7a442f88388 /docs | |
| parent | 19f1321fa44c45a737da0023c2122e711057b554 (diff) | |
Documented how to request CVE IDs.
Diffstat (limited to 'docs')
| -rw-r--r-- | docs/internals/howto-release-django.txt | 7 |
1 files changed, 5 insertions, 2 deletions
diff --git a/docs/internals/howto-release-django.txt b/docs/internals/howto-release-django.txt index c5254a8af3..40e5c25b34 100644 --- a/docs/internals/howto-release-django.txt +++ b/docs/internals/howto-release-django.txt @@ -92,8 +92,11 @@ any time leading up to the actual release: the release. We maintain a list of who gets these pre-notification emails in the private ``django-core`` repository. Send the mail to ``security@djangoproject.com`` and BCC the pre-notification recipients. - This email should be signed by the key you'll use for the release, and - should include patches for each issue being fixed. + This email should be signed by the key you'll use for the release and + should include `CVE IDs <https://cveform.mitre.org/>`_ (requested with + Vendor: djangoproject, Product: django) and patches for each issue being + fixed. Also, :ref:`notify django-announce <security-disclosure>` of the + upcoming security release. #. As the release approaches, watch Trac to make sure no release blockers are left for the upcoming release. |
