From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from dpdk.org (dpdk.org [92.243.14.124]) by dpdk.space (Postfix) with ESMTP id 93CB9A0471 for ; Mon, 17 Jun 2019 18:06:55 +0200 (CEST) Received: from [92.243.14.124] (localhost [127.0.0.1]) by dpdk.org (Postfix) with ESMTP id 9CA7B1BF37; Mon, 17 Jun 2019 18:06:54 +0200 (CEST) Received: from mga11.intel.com (mga11.intel.com [192.55.52.93]) by dpdk.org (Postfix) with ESMTP id 35A811BBF4 for ; Mon, 17 Jun 2019 18:06:53 +0200 (CEST) X-Amp-Result: SKIPPED(no attachment in message) X-Amp-File-Uploaded: False Received: from orsmga005.jf.intel.com ([10.7.209.41]) by fmsmga102.fm.intel.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 17 Jun 2019 09:06:52 -0700 X-ExtLoop1: 1 Received: from silpixa00399752.ir.intel.com (HELO silpixa00399752.ger.corp.intel.com) ([10.237.223.78]) by orsmga005.jf.intel.com with ESMTP; 17 Jun 2019 09:06:50 -0700 From: Ferruh Yigit To: John McNamara , Marko Kovacevic Cc: dev@dpdk.org, Thomas Monjalon , Maxime Coquelin Date: Mon, 17 Jun 2019 17:06:47 +0100 Message-Id: <20190617160648.8506-1-ferruh.yigit@intel.com> X-Mailer: git-send-email 2.21.0 MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Subject: [dpdk-dev] [PATCH 1/2] doc/security: clarify pre-release end of the embargo date X-BeenThere: dev@dpdk.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: DPDK patches and discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: dev-bounces@dpdk.org Sender: "dev" Clarify that a fixed date will be used for end of embargo (public disclosure) date while communicating with downstream stakeholders. Initial document got a review that it gives an impression that communicated embargo date can be a range like 'less than a week' which is not the case. The range applies when defining the end of the embargo date but a fix date will be communicated. Signed-off-by: Ferruh Yigit --- doc/guides/contributing/vulnerability.rst | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/doc/guides/contributing/vulnerability.rst b/doc/guides/contributing/vulnerability.rst index a4bef4857..0d8432d56 100644 --- a/doc/guides/contributing/vulnerability.rst +++ b/doc/guides/contributing/vulnerability.rst @@ -182,7 +182,7 @@ When the fix is ready, the security advisory and patches are sent to downstream stakeholders (`security-prerelease@dpdk.org `_), specifying the date and time of the end of the embargo. -The public disclosure should happen in **less than one week**. +The communicated public disclosure date should be **less than one week** Downstream stakeholders are expected not to deploy or disclose patches until the embargo is passed, otherwise they will be removed from the list. -- 2.21.0