Re: [PATCH 2/2] Documentation: security-bugs.rst: clarify CVE handling

From: Willy Tarreau
Date: Mon Jul 03 2023 - 15:35:45 EST

Next message: Nicolas Dufresne: "Re: [PATCH v4,05/11] media: mediatek: vcodec: remove the dependency of vcodec debug log"
Previous message: Sam James: "Re: [PATCH 6.4 00/28] 6.4.1-rc1 review - hppa argument list too long"
In reply to: Kees Cook: "Re: [PATCH 2/2] Documentation: security-bugs.rst: clarify CVE handling"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Mon, Jul 03, 2023 at 12:26:32PM -0700, Kees Cook wrote:
> I still think this version of the sentence is more readable:
>
> However under no circumstances will patch publication be delayed for
> CVE identifier assignment.
>
> "patch inclusion" is less clear to me that "publication", and "be
> delayed to wait for" is redundant: a delay is a wait, and "to arrive"
> is just the assignment, which is the subject of the paragraph, so better
> to keep the language for that consistent.

I agree, I find it better as well :-)

Thanks,
Willy

Next message: Nicolas Dufresne: "Re: [PATCH v4,05/11] media: mediatek: vcodec: remove the dependency of vcodec debug log"
Previous message: Sam James: "Re: [PATCH 6.4 00/28] 6.4.1-rc1 review - hppa argument list too long"
In reply to: Kees Cook: "Re: [PATCH 2/2] Documentation: security-bugs.rst: clarify CVE handling"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]